‹ Back
Newsletters 29 May 2017

European Regional Bureau Newsletter – 19 May – 26 May 2017

Internet Access

EU: First EU-Mexico dialogue on Digital Economy

  • On May 19, the EU and Mexico held their first dialogue on the digital economy. Roberto Viola (Director General DG Connect) and Edgar Olvera Jiménez, (Undersecretary of Communications of the Ministry of Communications and Transport, Mexico), co-chaired the meeting.
  • They concluded that EU and Mexico have a similar approach on the way they respond to the legislative challenges of a new era of Internet and Telecommunications. They agreed they would continue to engage in international fora to keep the Internet open, unique and secure for all; that Mexico will work with the EU on High Performance Computing (HPC); and that they will share best practices on several crucial area of the Digital Single Market, including ICT standards, cybersecurity and data protection.

EU: Operators urge EU ministers to provide favourable investment conditions

  • CEOs of some of Europe’s largest telecoms companies have addressed a letter to EU telecoms ministers, ahead of the Telecoms Council meeting on 8-9 June, warning that proposed changes to the Electronic Communications Code and ePrivacy Regulation could put 5G investments at risk.
  • The industry estimates that the European Commission’s plan would cost €660bn and that “unexpected price regulation would be incompatible with the ambitious plans for a digital single market”. The sector called on European ministers to “save the 5G project” by sticking to plans to harmonise the regulation of spectrum. These plans have met resistance from some European telecoms ministers (notably, Germany, Spain and UK).
  • The letter was signed by the CEOs of Deutsche Telekom, Orange, BT, Telecom Italia and Telefónica, KPN, Telenor Group, Telia Company, Go Malta, Türk Telekom, Bulgarian Telecommunications Company, Proximus, and Telekom Austria.

EU: BEREC to launch three public consultations in summer 2017

  • On June 7 the Body of European Regulators for Electronic Communications (BEREC) will hold a public debriefing to present the results from its 31st plenary meeting to take place on 1 and 2 June 2017 in Lisbon. On that occasion, BEREC will launch three public consultations on the following documents: (i) BEREC Medium-term strategy 2018-2020; (ii) Internet protocol interconnection practices in the context of Net Neutrality; and (iii) BEREC regulatory methodology for quality of service assessment for the implementation of Net Neutrality provisions.
  • All the public consultations will run for four consecutive weeks, and will end on 5 July 2017. Stakeholders are invited to submit their contributions through BEREC’s new consultation platform.

Ireland: Irish operators to spend €78 million in spectrum auction

  • Five mobile operators in Ireland, namely Vodafone, 3 Ireland, Meteor, Imagine and Airspan, will pay €78m between them in the State’s latest spectrum auction. The operators will pay €57m upfront and a further €21m over a 15-year licensing period for the right to use parts of the 3.6 GHz spectrum band, considered to be crucial for the development of 5G mobile services. 5G mobile services are expected to be introduced in Ireland around 2020, promising speeds equivalent to fibre broadband.
  • Communications Minister Denis Naughten also welcomed the auction results, claiming that they were “highly significant also for rural areas”.

EU: European Commission VP Andrus Ansip addresses European Data Economy

  • In answering a written question submitted by MEP Victor Negrescu (S&D, RO) on how the European Commission plans to improve access to European public data, Vice-President Andrus Ansip has reaffirmed that “a wide re-use of data held by public sector bodies is at the heart of the Commission’s Open Data policy”.
  • According to VP Andrus Ansip, the European Commission will prepare in spring 2018 an initiative on accessibility and re-use of public and publicly funded data and further explore the issue of privately held data which are of public interest. In the meanwhile, the European Commission will continue to promote accessibility and discoverability of public data.

EU: European Commission launches public consultation on Database Directive

  • The Commission has launched a public consultation on the Database Directive, which will run from 24 May 2017 to 30 August 2017. The consultation aims at gathering information on the evolution of the market related to databases; the use and the impact of the copyright and the sui generis protection regimes on the database makers and users; and the application of the Database Directive and possible needs of adjustment.
  • The Commission wants to determine whether the current directive is fit-for-purpose in a digital, data-driven economy.
  • The Database Directive, as it currently stands provides legal protection for databases (copyright protection for original databases and “sui generis” protection for databases in which a major investment has been made).


EU: APPA-GDPR Interactive Workshop

  • On May 18 and 19, the first international interactive workshop on the General Data Protection Regulation (GDPR) between Asian Pacific Privacy Authority (APPA) members and Working Party 29 (WP29) members was held in Paris. It was hosted by the French Data Protection Authority (CNIL). The participants agreed to establish this APPA/WP29 meeting as an annual event
  • The event aimed at sharing knowledge and boosting cooperation between participants on the future challenges that will come with the application of the GDPR. The APPA participants had the chance to share their understanding of the GDPR and discussed possible tools to inform their businesses covered by the scope of the GDPR.

EU: Vice President of the European Commission Andrus Ansip and Commissioner Věra Jourová’s statement on GDPR

  • On May 24, European Commission Vice-President Andrus Ansip and European Commissioner for Justice Věra Jourová made a statement on the General Data Protection Regulation (GDPR), one year ahead of its entry into force. VP Andrus Ansip and Commissioner Věra Jourová highlighted the need to ensure harmonization and avoid fragmentation on the implementation of the GDPR.
  • Moreover, they stressed that, from May 2018, businesses will benefit from more legal certainty with a single set of rules and a unique supervisory authority in the EU. According to the statement, since non-personal data do not fall under the GDPR’s scope, the European Commission will make a new legislative proposal “to guarantee the free flow of data” and another proposal promoting accessibility and reuse of public data, by the end of 2017.

EU: DIGITALEUROPE releases views on A29WP draft guidelines on Data Protection Impact Assessments

  • Last month, the Article 29 Working Party (A29WP) released draft guidelines on Data Protection Impact Assessments (DPIA). Under the GDPR, these impact assessments must be carried out by organisations conducting “high risk processing”
  • DIGITALEUROPE (DE) has released a position on these guidelines which welcomes the recognition in them that DPIAs and ‘high risk’ are context specific and that entities must have a level of flexibility to devise their specific risk assessment frameworks. DE also thanks the WP for initial thoughts on the debate of what constitutes ‘high risk’ data processing operations.
  • DE also opposes the imposition of a list of high risk processing activities as it would be quickly outdated. However, it is concerned that the draft guidelines will result in organisations interpreting DPIAs as a mandatory exercise for the majority of data processing rather than as an “exceptional instrument” for “high risk situations”.
  • DE encourages the WP29 to provide more concrete examples of ‘high risk’ processing as well as “low risk” processing to provide clarity to data controllers and avoid unnecessary DPIA exercises.

UK: UK Conservative Party Election Manifesto addresses the “digital age”

  • The Conservative Party has released its 2017 campaign Manifesto “The Conservative Manifesto: Forward, together Our Plan for a Stronger Britain and a Prosperous Future” with an entire chapter on “prosperity and security in a digital age.” The UK Conservative party aims to create the “world’s most dynamic digital economy” by clarifying rules around Internet businesses, data and online rights.
  • It argues for new protections of people’s data online, “backed by a new data protection law”, including giving British citizens the right to require major social media platforms to delete information held about them at the age of 18, and “unprecedented investment in cyber security and stronger cyber standards for public services.”

EU: ENISA and tech companies ask the European Commission for mandatory security rules for IoT

  • On May 23, the European Union Agency for Network and Information Security (ENISA) and a group of tech companies (notably, Infineon, NXP and STMicroelectronics) unveiled a “Common Position on Cybersecurity”, formerly agreed in December 2016.
  • The position claims “there is no basic level, no level zero defined for the security and privacy of connected and smart devices”, and urges the European Commission to develop “mandatory staged requirements for security and privacy in the Internet of Things” including connected devices and services.
  • The signatories support the introduction of an EU Trust Label as they argue that self-regulation failed. Some other big tech players disagree with this position: Google, Microsoft and Cisco, represented by DIGITALEUROPE, believe having voluntary standards is the best option. The European Commission has not taken a position on the matter.

Germany: Germany takes serious action against cybercrime

  • Germany’s army launched a new command of 13,500 soon-to-be cyber soldiers and contractors. At the same time, the interior ministry opened a cyber unit in Munich where 400 people will be hired to develop tools to decode encryption and work on how to strike back during cyberattacks.
  • The threat of cyberattacks has intensified in recent years and, according to officials, German companies suffer an estimated €50 billion in damages every year. Recognising the urgency of the issue, and fearing hacks on public institutions and espionage, Angela Merkel has affirmed the creation of a legal framework for “computer network operations” (“hacking back”) is a priority for the country. The German Security Council commissioned two analyses on how to develop a legislation proposal on this.

EU: Summary of the 3rd meeting of the Network and Information Systems Security Committee published

  • The Network and Information Systems Security Committee met on April 6 to discuss a non-paper on further specification of elements and parameters related to the security and incident notification requirements for digital service providers. A summary record of the meeting was recently published.
  • The committee members discussed the input that European Commission received from the industry and national experts during a NIS expert group meeting on March 15 and a workshop with the private sector on March 27 2017. The committee members discussed the level of detail on the security and notification requirements that need to be reflected in the implementing act and will send written comments to the European Commission.

EU: European Defence Agency on EU cyber sector funding

  • The European Defence Agency (EDA) will launch next week a €90 million research program on defense. This program will include funding for cyber projects,. However, the EU is looking for ways to block non-European firms from accessing the funds it pours into cybersecurity technology.
  • Jorge Domecq, chief executive of the European Defence Agency (EDA), has reportedly claimed that “no EU budget can be allocated to manage cyber-research outside of the EU”. He continued by saying that EU citizens would not want their money to be invested in this way.

EU: Microsoft questioned over anti-virus tools and cybersecurity measures

  • Microsoft is said to have used the rollout of Windows 10 to strengthen its own cybersecurity services while attempting to weaken those of others. One complaint about Windows 10 is that it gives third-party security specific messaging guidelines, which don’t apply to its own Defender. Another is that it runs automatic background scans that cause users to uninstall Kaspersky, Avast or any other software and to install Microsoft’s own Defender instead.
  • The allegation was made public by Eugene Kaspersky in a blog and in a complaint to the Russian competition authority. A similar complaint will be filed in Brussels.
‹ Back

Related articles

Newsletters 3 April 2020

Kilima: Highlights from ISOC Africa – March 2020

Africa Regional Bureau Newsletter for March 2020

Newsletters 3 February 2020

Kilima: Highlights from ISOC Africa – January 2020

Africa Regional Bureau Newsletter for January 2020

Newsletters 12 December 2019

Kilima: Highlights from ISOC Africa – November 2019

Africa Regional Bureau Newsletter for November 2019