‹ Back
Building Trust 22 January 2018

European Regional Bureau Newsletter – 13 Jan 2018 – 19 Jan 2018

Internet Access

EU: WP on Telecommunications and Information Society meeting

  • The Working Party on Telecommunications and Information Society met on January 18 to examine the latest Presidency text on the proposal for a Directive establishing the European Electronic Communications Code (EECC).
  • The EECC is currently being discussed by the co-legislators (Commission, European Parliament and Council). The next trilogue meeting will take place on February 1.

EU: Council breakfast discussion on access issues in European Electronic Communications Code

  • The Bulgarian Presidency of the Council of the EU organised a breakfast discussion on the more politically sensitive articles on the network access chapter of the telecommunications reform.
  • The Parliament’s position has so far been to focus on spectrum in the lead up to the next trilogue negotiation (1 February) – however there are now signs from the Council that it is looking to move forward the discussion.


Japan: Japan to join NATO Cyber Defence Centre of Excellence

  • Japan will soon join the NATO Cooperative Cyber Defence Centre of Excellence (CCD COE), a NATO-accredited international competence center, think tank and training institution in Tallinn, Estonia.
  • The director of the center, Merle Maigre, welcomed Japan’s decision to join as a NATO’s key partner state outside the Euro-Atlantic area, as well as “a world-renowned leader in the field of technology and cyber security.”

Sweden: PM announces new authority to fight fake news

  • On January 14, Swedish Prime Minister Stefan Löfven announced it would establish a new authority to encourage tackling fake news and disinformation, while helping to spread accurate information to the public.
  • The decision comes after the European Commission established a new High-Level Group (HLEG) on fake news and online disinformation, as part of a larger strategy the EU is implementing to tackle the spread of fake news and disinformation online.
  • Other European Members have also taken action against the phenomenon. French President Emmanuel Macron has recently announced a new law to combat fake news.

EU: ENISA issues “2017 cyber threat landscape” report

  • On January 15, the European Union Agency for Network and Information Society (ENISA) published its “2017 cyber threat landscape.” This is the sixth in a series of ENISA’s reports analyzing the state-of-the-art in cyber threats.
  • Among other things, ENISA’s report stresses the fact that complexity of attacks and sophistication of malicious actions in cyberspace continues to increase, and identifies the monetization of cybercrime as the main motive of threat agents.
  • The document states policy makers should take into consideration the cyber-threat landscape when defining their defence strategies, while also ensuring that education and research organisations are provided with the appropriate means to increase skills, capabilities, and knowledge related to cyber-threats.
  • The report also suggests the automation of cyber-threat intelligence needs to further progress to include strategic and tactical intelligence.

EU: ENISA issues ICT certification laboratories overview

  • On January 18, ENISA published an “Overview of the ICT Certification Laboratories practices in Europe” to identify and analyse the current ICT security certification laboratories within the EU Members. The study also makes a comparison to the practices used in non-EU countries.
  • The report states that most existing laboratories operate under their respective national schemes and often reflect the characteristics of their economies and policies. This trend may increase the risk of market fragmentation and bring up challenges regarding interoperability.
  • By evaluating additional non-EU laboratories, the report goes one step further and identifies relevant patterns, similarities and differences.
  • The findings will be a used as input to the preparation of an EU-wide ICT security certification framework, currently being discussed by the co-legislators (the “Cybersecurity Act”).

EU: Horizontal Working Party on Cyber Issues meeting

  • On January 19, the Horizontal Working Party on Cyber Issues (cyber attachés) met to discuss several topics of high interest.
  • The role of encryption in criminal investigations has been discussed and the European Commission presented its latest activities in support to law enforcement agencies and exchange of views with the WP members.
  • The agenda also included an exchange of information from the Bulgarian Presidency of the Council, the Commission and the EEAS; a follow-up on the Wannacry cyber-attack; as well as a presentation of the ENISA’s report on the 2017 cyber threat landscape.

EU: Commission’s review of Code of Conduct on countering illegal online hate speech

  • On January 19, the European Commission issued the third evaluation of the Code of Conduct on countering illegal online hate speech.
  • The analysis shows that IT companies removed on average 70% of illegal hate speech notified to them. There is thus a continued improvement and more platforms are expected to join the initiative (e.g. Instagram and Google Plus).
  • Since May 2016, tech giants such as Facebook, Twitter, YouTube and Microsoft have committed to combatting the spread of online hate speech, and removing more than two thirds of such content within 24 hours.
  • “The Code of Conduct is now proving to be a valuable tool to tackle illegal content quickly and efficiently,” said Vera Jourova, EU Justice Commissioner. Nonetheless, some challenges still remain, notably the lack of systematic feedback to users.

US: Companies file brief in Microsoft Supreme Court data case

  • Around 300 companies, groups and individuals filed briefs with the U.S. Supreme Court in support of Microsoft in a long-standing case involving access to emails held by Microsoft on an Irish data server.
  • Privacy International, backed by 26 other global rights groups, filed an amicus brief warning about the “profound implications for the resilience of data protection laws all over the world.” IBM said that it could damage cloud providers’ business prospects. A group of 51 scientists have also submitted a brief.
  • Microsoft has argued that the U.S. Department of Justice’s attempt to seize emails stored in the Irish data centre would violate foreign data protection laws and risk damaging the laws those countries have put in place to protect their citizens’ privacy.

UK: Google fights “right to be forgotten” in London court

  • Google fights its first battle over the “right to be forgotten” in England’s High Court. Two (anonymous) citizens want Google to take down links to information related to their old convictions. The first trial will take place on February 27 and the second on March 13.
  • The “right to be forgotten” principle, created by the European Court of Justice’s ruling in May 2014, allows people to ask for links to online information about them to be removed from search engine results if it’s outdated or irrelevant. It allows users to request, and force, Google to delist websites from its search results under certain circumstances.
  • Google said it “worked hard to comply with the right to be forgotten, but it took great care not to remove search results that are clearly in the public interest and will defend the public’s right to access lawful information.”
  • Google has warned about the danger the principle could pose to freedom of speech online.

EU: European Commission’s e-evidence proposal delayed

  • The European Commission was expected to release its proposal on e-evidence, aimed at improving cross-border access to electronic evidence in criminal matters, on January 24. However, the presentation has now been postponed to the end of February.
  • Some controversial issues still need to be solved, notably whether companies must have legal representation in the EU to enable European security authorities to access their data, and whether there should be deadlines for businesses to provide data requested by prosecutors.
  • Justice Ministers will discuss this at an informal Justice and Home Affairs Council (JHA) meeting in Sofia, Bulgaria, on January 26.

EU: Article 29 WP to elect new chair

  • The Article 29 Working Party will meet on February 6-7 to elect a new chairperson.
  • Andrea Jelinek, Head of the ‎Austrian Data protection Authority, and her Bulgarian counterpart, Ventsislav Karadjov, Chairman of the Commission for personal data protection, have both submitted their candidacies and will thus run for the role.
  • The election will be particularly relevant, given the next chairman will also be responsible for the European Data Protection Board (EDPB), a new institution that will enforce the EU’s General Data Protection Regulation (GDPR), from 25 May 2018.
‹ Back

Related articles

Building Trust 31 August 2020

Policy Toolkit on IoT Security and Privacy

The Policy Toolkit on IoT Security and Privacy is a practical resource for policymakers and regulators to strengthen the...

Building Trust 1 November 2019

Security Factsheet: Keeping Your Workplace Safe Online

For many of us the Internet is a staple in our day-to-day lives – especially at our jobs. But...

Building Trust 1 November 2019

Security Factsheet: Why Should Municipalities Make Network and Data Security a Priority?

Communities can minimize risk by being intentional about how and by whom networks and devices are used. These are...