Brussels, 06/06/2014 (Agence Europe) - “We have noted encouraging results (…). We have a good basis to continue the work under the Italian Presidency”, said Greek Secretary of State for Infrastructure, Transport and Networks Michalis Papadopoulos in Luxembourg on 6 June.
“I am pleased with the results achieved today (…). It is important to show the European citizens that, when it comes to the important questions, everything possible will be done to boost economic growth, to create jobs (…). Businesses must invest in the digital economy, we need this to support recovery”, said Digital Strategy Commissioner Neelie Kroes.
Two points were on the agenda of the Telecoms Council: the directive on network and information security (NIS) and the regulation on the single European electronic communications market (connected continent package), for which the Greek Presidency presented a progress report. This takes stock of the work carried out since December 2013, together with guidelines and approaches designed to clear the way for the Italian Presidency.
NIS directive. The aim of the proposal is to oblige the member states, key internet service facilitators and critical infrastructure operators to guarantee a secure digital environment throughout EU territory. The main challenge for the Italian Presidency will be to find an approach which is acceptable to all member states, striking a fair balance between binding rules at EU level and optional measures the states may choose to adopt, and which must all lead to similar levels of preparedness in terms of NIS and allow the EU effectively to respond to the challenges posed by digital threats.
Although all delegations fully recognise the need and urgency to take measures to deal with NIS incidents and prevent cyber-attacks, opinions differ on the best way of ensuring network security throughout the EU. Two groups are emerging: - those which prefer a flexible approach, with binding EU rules limited to critical infrastructure and basic requirements, topped up by optional measures on a voluntary basis (Germany, the United Kingdom, France, Spain, Finland, Ireland and the Netherlands amongst others); - those which favour the Commission's approach, taking the view that only legally binding measures will make it possible to achieve the required security levels EU-wide (these countries include Poland, Lithuania, the Czech Republic, Slovakia and Slovenia).
Revision of the key elements of the proposal. 1) strategy and competent authority in NIS matters: aware that any incident of a digital nature occurring in one member state may have repercussions on its neighbours, the delegations support the principle of a coordination entity at national level. However, those which already have a well-defined national strategy to tackle such issues have misgivings about the requirements imposed by the proposal, which could be incompatible with their own frameworks and therefore undermine their effectiveness; 2) risk management and notification of incidents: as regards the chapter on the network and information systems security of the public administrations and market actors, many delegations wonder whether, aside from critical infrastructure operators (electronic trade platforms, social networks and operators active in the sectors of energy, transport, health and banking services), the proposal should not also cover providers of digital services. Several delegations have raised the question of the extent to which the member states would be able to “guarantee” that the stakeholders secure their networks and notify incidents. Concerns were also expressed on the consequences notifications could have on privacy and confidentiality of information; 3) cooperation network: based on permanent communication between the European Commission on the 28 competent national authorities, this network would ensure coordinated intervention in the event of a cyber-incident. Discussions will also continue at this level on the responsibilities to be assigned to it. Many delegations take the view that the network should not assume operational responsibilities and that it would be preferable to describe it as a “mechanism” rather than a “network”. Most of the delegations would also prefer to rely on existing entities and mechanisms. Some of them also state that the sharing of information should be carried out on a voluntary basis and therefore question the need for the proposed secure information exchange system. More specifically, the early warning mechanisms suggested still raise many questions, such as: what information will be exchanged and when and what will lead to?
In a mood of optimism, the Italian minister said that the Council was “very close to an agreement”. The intensity and arrangements of our cooperation and the balance between national and European interests remain to be defined, he commented. “We are making good progress (…). We still have to explore the possibilities of cooperation at operational level, we need to move forward in stages”, Kroes added.
Single telecommunications market: in December, the Telecoms Council showed a great deal of caution, taking the view that they should not move too hastily by adapting the proposal too quickly, even though they all agreed on the need to create a single communications market (see EUROPE 10978). The stated objectives, such as measures to encourage investment, strengthening consumers' rights and net neutrality, were also unanimously approved.
The report by the Greek Presidency covers most of the concerns expressed in December. At this stage, most of the member states remain concerned by red tape and the financial burden to be generated by the proposal, the lack of clarity of the link with the current telecoms framework and the effects on the powers of the national regulatory authorities. Additionally, many delegations take the view, as regards the radio-electric spectrum, that the provisions to harmonise the synchronisation times for radio-frequencies for broadband and bringing in a European mechanism to coordinate radio-frequency rights of use go too far. As regards efforts to increase consumer protection, the member states prefer minimal levels of harmonisation, which would allow them to maintain or adopt strict national measures. Lastly, on the controversial issue of the open internet, many delegations stressed the need for the text to be clear and the test of time. In this way, the definition of “internet access services” and “specialist services” should be clarified. Although the delegations are agreed on the need to achieve a fair balance between internet neutrality and reasonable traffic management, opinions differ on the way of achieving this. The common fundamental principles on internet neutrality have still to be agreed upon. It is worth noting that the provisions on roaming have not yet been put to a detailed examination.
However, Kroes still firmly believes that an agreement on the package can be achieved by the end of 2014. “We have enough arguments to prove that this is possible by the end of the year (…) thanks to the efforts of the Greek Presidency and very clear guidelines from the Italian Presidency, which wants a Presidency on the theme of digital issues”. “We are speeding up our work as far as possible and we can continue in this direction. I firmly believe that we can conclude the dossier on many points by the end of the year”, Papadopoulos confirmed. (IL)