BETA

Activities of Julia REDA related to 2018/0328(COD)

Plenary speeches (1)

2016/11/22
Dossiers: 2018/0328(COD)

Reports (1)

2016/11/22
Committee: ITRE
Dossiers: 2018/0328(COD)
Documents: PDF(443 KB) DOC(204 KB)

Amendments (111)

Proposal for a regulation
Recital 1

(1) Our daily lives and economies become increasingly dependent on digital technologies, citizens become more and more exposed to serious cyber incidents. Future security depends, among others, on enhancing technological and industrial ability to protect the Union against cyber threats, as both ~~civilian~~ infrastructure and ~~militar~~security capacities rely on secure digital systems.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 3 a (new)

(3 a) Article 41(2) of the Treaty on European Union states that the Union budget is not to be used for expenditure arising from operations having military or defence implications. Therefore the Cybersecurity Industrial, Technology, and Research Centre and its actions should be provided purely for civilian purposes.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 4 a (new)

(4 a) The Competence Centre and its actions should take into account the implementation of Regulation (EU) 2019/XXX [recast of Regulation (EC) No 428/2009 as proposed by COM(2016)616].22a _________________ 22a Regulation (EU) 2019/... of the European Parliament and of the Council of ... setting up a Union regime for the control of exports, transfer, brokering, technical assistance and transit of dual- use items (OJ L ..., ..., p. ...).

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 5

(5) Substantial disruption of network and information systems can affect individual Member States and the Union as a whole. The security of network and information systems is therefore essential ~~for the smooth functioning of the internal market~~. At the moment, the Union depends on non- European cybersecurity providers. However, it is in the Union's strategic interest to ensure that it retains and develops essential cybersecurity technological capacities ~~to secure its Digital Single Market, and~~and capabilities in particular to protect critical networks and information systems and to provide key cybersecurity services.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 5 a (new)

(5 a) The resilience of ICT infrastructure like the Internet is critical to society, industry and research throughout the Union. That infrastructure relies heavily on components developed as Free and Open Source Software. Society, industry, businesses with diverse business models, as well as research and development build on them to create products and provide services.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 6 a (new)

(6 a) Cybersecurity experts often start their education in non-formal contexts, for example Free and Open Source Software projects and civic tech projects. Civic tech projects make use of open standards, Open Data, and Free and Open Source Software to develop products and services in the interest of society and the public good. They can be of non- commercial or pre-commercial nature and can as such be a precursor for start- ups, or academic and research projects.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 8 a (new)

(8 a) The Competence Centre should contribute to the security of ICT technology that is challenged by a constant evolution of threats and by the advancement of the technology itself. That is why security cannot simply be established, but should be understood as a process, incorporating the principle of “security by design” in the development of ICT technology. “Security by design” as established in Commission Joint Communication of 13 September 2017 entitled “Resilience, Deterrence and Defence: Building strong cybersecurity for the EU” includes state-of-the-art methods to increase security, at all stages of the lifecycle of a product or service, starting with secure design and development methods, reducing the attack surface, and incorporating adequate security testing and security audits. For the duration of operation and maintenance, producers or providers need to make available updates remedying new vulnerabilities or threats without delay, for the estimated lifetime of a product and beyond. This can also be achieved by enabling third parties to create and provide such updates. The provision of updates is especially necessary in the case of commonly used infrastructures, products and processes.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 8 b (new)

(8 b) “Security by design” as a principle should also influence formal as well as non-formal standardisation processes, where a common practice in non-formal standardisation is the creation of reference implementations, published under free and open licences. The secure design of, in particular, reference implementations is crucial for the overall reliability and resilience of commonly used network and information system infrastructure like the internet.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 12

(12) National Coordination Centres should be selected by Member States. In addition to the necessary administrative capacity, Centres should either possess or have direct access to cybersecurity technological expertise in cybersecurity, notably in domains such as cryptography, ICT security services, intrusion detection, system security, network security, software and application security, or human, ethical and societal aspects of security and privacy. They should also have the capacity to effectively engage and coordinate with the industry, the public sector, including authorities designated pursuant to the Directive (EU) 2016/1148 of the European Parliament and of the Council23 , and the research community. _________________ 23 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ L 194, 19.7.2016, p. 1).

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 14

(14) Emerging technologies such as artificial intelligence, Internet of Things, high-performance computing (HPC) and quantum computing, ~~blockchain and~~as well as concepts such as secure digital identities create at the same time new challenges for cybersecurity as well as offer solutions. Assessing and validating the robustness of existing or future ICT systems will require testing security solutions against attacks run on HPC and quantum machines. The Competence Centre, the Network and the Cybersecurity Competence Community should help advance and disseminate the latest cybersecurity solutions. At the same time the Competence Centre and the Network should be at the service of developers and operators in critical sectors such as transport, energy, health, financial, government, telecom, manufacturing, ~~defence,~~ and space to help them solve their cybersecurity challenges.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 18

(18) ~~Whereas the Competence Centre and the Network should strive to achieve synergies between the cybersecurity civilian and defence spheres, p~~Projects financed by the Horizon Europe Programme will be implemented in line with Regulation XXX [Horizon Europe Regulation], which provides that research and innovation activities carried out under Horizon Europe shall have a focus on civil applications.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 18 a (new)

(18 a) Where an applicant for funding under Horizon Europe excludes non-civil applications in development, research, education or other activities, this should not lead to a disadvantage.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 22

(22) Where they receive a financial contribution from the general budget of the Union, the National Coordination Centres and the entities which are part of the Cybersecurity Competence Community should publicise the fact that the respective activities are undertaken in the context of the present initiative and are of civilian nature.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 29

(29) The Competence Centre should have in place rules regarding the prevention ~~and the management~~, identification and resolution of conflicts of interest in respect of its members, bodies and staff, the Governing Board, as well as the Scientific and Industrial Advisory Board, and the Community. Member States should ensure the prevention, identification, and resolution of conflicts of interest in respect of the National Coordination Centres. The Competence Centre should also apply the relevant Union provisions concerning public access to documents as set out in Regulation (EC) No 1049/2001 of the European Parliament and of the Council24 . Processing of personal data by the Competence Centre will be subject to Regulation (EU) No XXX/2018 of the European Parliament and of the Council. The Competence Centre should comply with the provisions applicable to the Union institutions, and with national legislation regarding the handling of information, in particular sensitive non classified information and EU classified information. _________________ 24 Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents (OJ L 145, 31.5.2001, p. 43).

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 31

(31) The Competence Centre should operate in an open and transparent way ~~providing all relevant~~comprehensively providing information in a timely manner as well as promoting its activities, including information and dissemination activities to the wider public. It should provide the public and any interested parties with a list of the Cybersecurity Competence Community members and should make public the declarations of interest made by them in accordance with Article 42. The rules of procedure of the bodies of the Competence Centre should be made publicly available.

2018/12/13
Committee: IMCO

Proposal for a regulation
Recital 31 a (new)

(31 a) The European Cybersecurity Community can benefit from representing the diversity of society at large, and should achieve a balanced representation of genders, ethnic diversity, and disabled persons.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 1 – paragraph 2 a (new)

2 a. The Competence Centre shall contribute to the overall resilience in the Union towards cybersecurity threats. This can be achieved by raising the awareness for cybersecurity threats, by developing competences, capacities, capabilities throughout the Union, thoroughly taking into account the interplay of hardware and software infrastructure, networks, products and processes, and the societal and ethical implications and concerns.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 1 – paragraph 3

~~3. The seat of the Competence Centre shall be located in [Brussels, Belgium.]~~deleted (The amendment is of technical nature, sentence is moved into Article 44.)

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 1 – paragraph 4

4. The Competence Centre shall have legal personality. In each Member State, it shall enjoy the most extensive legal capacity accorded to legal persons under the laws of that Member State. It may, in particular, acquire or dispose of movable and immovable property and may be a party to legal proceedings.deleted (This amendment is of technical nature. The paragraph is moved into Article 38a (new).)

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 2 – paragraph 1 – point 1

(1) 'cybersecurity' means the process of the protection of network and information systems, their users, and other persons against ~~cyber threat~~threats from network and information systems and their users;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 2 – paragraph 1 – point 2

(2) '~~cybersecurity~~ products and ~~solution~~processes' means commercial and non-commercial ICT products, services or processes with the specific purpose of protecting network and information systems, their users and ~~affected~~other persons from cyber ~~threats;~~security threats, including Free and Open Source Software products, services or processes; (This amendment, replacing “solutions” with “products and processes”, applies throughout the text. Adopting it will necessitate corresponding changes throughout.)

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 2 – paragraph 1 – point 3

(3) 'public authority' means any government or other public administration, including public advisory bodies, at national, regional or local level or any natural or legal person performing public administrative functions under Union and national law, including specific duties;

2018/12/13
Committee: IMCO

(4 a) ‘industry’ means the industry providing products, processes, and services addressing cybersecurity demands and requirements, including SMEs, microenterprises, and individual experts.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 2 – paragraph 1 – point 4 b (new)

(4 b) ‘stakeholders’ mean the industry, public entities and other entities dealing with operational and technical matters in the area of cybersecurity; civil society, in particular consumer associations, and the Free and Open Source Software community; the academic and research community;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 2 – paragraph 1 – point 4 c (new)

(4 c) ‘civic tech projects’ means non- commercial and pre-commercial projects making use of open standards, Open Data, and Free and Open Source Software, in the interest of society and the public good, in particular where they do not have access to sufficient, steady financial support;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 3 – paragraph 1 – point a

(a) ~~retain and~~ develop the civilian cybersecurity technological ~~and~~, industrial ~~capacities necessary to secure its Digital Single Market~~, societal, academic and research capacities and capabilities;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 3 – paragraph 1 – point a a (new)

(a a) increase the resilience and reliability of the civilian infrastructure of network and information systems, the Internet and commonly used hardware and software in the Union;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 3 – paragraph 1 – point b

(b) increase the competitiveness of the Union's civilian cybersecurity industry and turn cybersecurity into a competitive advantage of other Union industries.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 3 – paragraph 1 – point b a (new)

(b a) raise the awareness for cybersecurity threats, and related societal and ethical implications and concerns in the Union;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 1

1. ~~facilitate and help coordinate the work of~~create, manage, and facilitate the National Coordination Centres Network (‘the Network’) referred to in Article 6 and the Cybersecurity Competence Community ('the Community') referred to in Article 8; (The term "Cybersecurity Competence Community" can be shortened to "the Community" throughout the text.)

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – introductory part

3. enhance cybersecurity resilience, capabilities, knowledge and infrastructures at the service of society, industries, the public sector and research communities, by carrying out the following tasks, having regard to the state-of-the-art cybersecurity industrial and research infrastructures and related services:

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point a

(a) ~~having regard to the state-of-the- art cybersecurity industrial and research infrastructures and related services ,~~ acquiring, upgrading, operating and making available ~~such infrastructur~~own facilities and related services to a wide range of users a~~cross the Union from industry including SMEs, the public sector and the research and scientific community~~nd stakeholders;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point a a (new)

(a a) facilitating access to facilities and related services other than its own to a wide range of users and stakeholders, where these are made available;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point b

(b) ~~having regard to the state-of-the- art cybersecurity industrial and research infrastructures and related services,~~ providing support to other entities, including financially, to acquiring, upgrading, operating and making available such ~~infrastructur~~facilities and related services to a wide range of users a~~cross the Union from industry including SMEs, the public sector and the research and scientific community~~nd stakeholders;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point b a (new)

(b a) providing financial support and technical assistance to cybersecurity start- ups, SMEs, micro-enterprises, individual experts; to Free and Open Source Software projects, commonly used for infrastructure, products and processes; and to civic tech projects;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point b b (new)

(b b) providing software security code audits and improvements for Free and Open Source Software projects, commonly used for infrastructure, products and processes;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point c

(c) ~~provid~~facilitating the sharing of cybersecurity knowledge and technical assistance toamong others to civil society, the industry ~~and~~, public authorities, and the academic and research community, in particular by supporting actions aimed at facilitating access to the expertise available in the Network and the Cybersecurity Competence Community;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point c a (new)

(c a) promoting “security by design” as principle in the process of developing, maintaining, operating, and updating infrastructures, products and services; in particular by supporting state-of-the-art secure development methods, adequate security testing, security audits; including the commitment of producer or provider to make available updates remedying new vulnerabilities or threats, without delay, and beyond the estimated product lifetime, or enabling a third party to create and provide such updates;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point c b (new)

(c b) promoting the development of source code contribution policies, in particular where Free and Open Source Software projects are used, modified, and enhanced in public authorities; and especially where the Free and Open Source Software is commonly used for infrastructure, products and processes;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 4 – introductory part

4. contribute to the wide deployment of state-of-the-art and sustainable cyber security products and solutions across the ~~economy~~Union, by carrying out the following tasks:

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 4 – point a

(a) stimulating cybersecurity research, development and the uptake of Union cybersecurity products and solutions, including by public authorities and ~~user~~ industr~~ies~~y;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 4 – point b

(b) assisting public authorities, demand side industries and other users in adopting and integrating ~~the lates~~commonly used, state-of- the-art cyber security products and solutions;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 4 – point c

(c) supporting in particular public authorities in organising their public procurement, or carrying out procurement of state-of-the-art cybersecurity products and solutions on behalf of public authorities, including by providing support for sustainable procurement;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 4 – point d

(d) providing financial support and technical assistance to cybersecurity start- ups ~~and SMEs~~, SMEs, micro-enterprises, individual experts, commonly used Free and Open Source Software projects, and civic tech projects, to connect to potential markets, deployment opportunities, and to attract investment;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 5 – introductory part

5. improve the understanding of cybersecurity ~~and~~, contribute to reducing skills gaps and strengthening the level of skills in the Union related to cybersecurity by carrying out the following tasks:

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 5 – point -a (new)

(-a) raising awareness for the infrastructure-relevance of some commonly used Free and Open Source Software projects, products and processes in coordination with relevant Union agencies and bodies including ENISA, as well as the Network and the Community;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 5 – point a

(a) supporting further development of cybersecurity ~~skills , where appropriate together~~processes, skills, and competences; facilitating a common high level of cybersecurity knowledge; and contributing to the resilience of users and infrastructures in the Union in coordination with relevant EU agencies and bodies including ENISA, as well as the Network.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 6 – point a

(a) providing financial support to cybersecurity research efforts based on a common, continuously evaluated and improved multiannual strategic, industrial, technology and research ~~agenda~~plan;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 6 – point b

(b) supporting large-scale research and demonstration projects in next generation cybersecurity technological capabilities, in collaboration with the industry ~~and~~, the Network, and the Community;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 6 – point c

(c) supporting research and innovation for formal and non-formal standardisation in cybersecurity ~~technology~~, where appropriate in close cooperation with the European Standardisation Organisations;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 6 – point c a (new)

(c a) supporting the development of independent products and processes that can be freely studied, shared, and built upon, in close cooperation with the industry, the Network and the Community.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 7

7. enhance cooperation between the civil and defence spheres with regard to dual use technologies and applications in cybersecurity, by carrying out the following tasks: (a) supporting Member States and industrial and research stakeholders with regard to research, development and deployment; (b) contributing to cooperation between Member States by supporting education, training and exercises ; (c) bringing together stakeholders, to foster synergies between civil and defence cyber security research and markets;deleted

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 8

8. enhance synergies between the civil and defence dimensions of cybersecurity in relation to the European Defence Fund by carrying out the following tasks: (a) providing advice, sharing expertise and facilitating collaboration among relevant stakeholders; (b) managing multinational cyber defence projects, when requested by Member States, and thus acting as a project manager within the meaning of Regulation XXX [Regulation establishing the European Defence Fund].deleted

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 8 a (new)

8 a. contribute to the Union’s efforts to enhance cooperation with regard to cybersecurity by: (a) facilitating the participation of the Network and the Community in international conferences; (b) facilitating the contribution of the Network and the Community to standardisation organisations; (c) cooperating with third countries and international organisations within relevant international cooperation frameworks; (d) facilitating the participation of the Governing Board in international governmental organisations; (e) assisting and providing advice to the Commission with regard to the implementation of Regulation (EU) 2019/XXX [recast of Regulation (EC) No 428/2009 as proposed by COM(2016)616]27a; _________________ 27a Regulation (EU) 2019/XXX of the European Parliament and the Council of ... setting up a Community regime for the control of exports, transfer, brokering and transit of dual-use items, and EU restrictive measures in force, in particular as regards the export of cybersurveillance and intrusion technology (OJ L ..., ..., p. ...).

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 8 b (new)

8 b. contributing to the fundamental rights and ethics assessment of cybersecurity research funded by the Competence Centre.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 5 – paragraph 1 – point a a (new)

(a a) ensure that as a result of Union contribution, access is open by default and re-use is possible;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 5 – paragraph 1 – point b

(b) additional rules governing access to and use of an infrastructure or capability.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 5 – paragraph 2

2. The Competence Centre may be responsible for the overall execution of relevant joint procurement actions including pre-commercial procurements on behalf of members of the Network~~, members of the cybersecurity Competence Community, or other third parties representing the users of cybersecurity products and solutions~~. For this purpose, the Competence Centre may be assisted by one or more National Coordination Centres or members of the Cybersecurity Competence Community.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 6 – paragraph 4

4. The nominated National Coordination Centre shall have the capability to support the Competence Centre and the Network in fulfilling their mission laid out in Article 3 of this Regulation. They shall possess or have direct access to technological expertise in cybersecurity and be in a position to effectively engage and coordinate with industry, the public sector and the academic and research community. The Commission shall issue guidelines further detailing the assessment procedure and explaining the application of the criteria.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 6 – paragraph 5

5. The relationship between the Competence Centre and the National Coordination Centres shall be based on a contractual agreement signed between the Competence Centre and each of the National Coordination Centres. The agreement shall ~~provide for~~consist of the same set of general conditions providing the rules governing the relationship and division of tasks between the Competence Centre and each National Coordination Centre and special conditions tailored on the particular National Coordination Centre.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point a

(a) supporting the Competence Centre in achieving its objectives and in particular in establishing and coordinating the Cybersecurity Competence Community;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point b

(b) promoting, encouraging and facilitating the participation of ~~industry~~civil society, industry, in particular start-ups and SMEs, academic and research community, and other actors at the Member State level in cross-border projects;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point c

(c) contributing, together with the Competence Centre, to identifying and addressing sector-specific cyber security ~~industrial~~ challenges;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point e

(e) seeking to establish synergies with relevant activities at the national ~~and~~, regional and local level;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point f a (new)

(f a) promoting and disseminating a common minimal cybersecurity educational curricula in cooperation with the relevant bodies in the Member States;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point g

(g) promoting and disseminating the relevant outcomes of the work by the Network, the Cybersecurity Competence Community and the Competence Centre at national or, regional, or local level;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 7 – paragraph 1 – point h

(h) assessing requests by entities and individuals established in the same Member State as the Coordination Centre for becoming part of the Cybersecurity Competence Community.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 1

1. The Cybersecurity Competence Community ~~shall~~ contributes to the mission of the Competence Centre as laid down in Article 3 and enhances and disseminates cybersecurity expertise across the Union and provides technical expertise.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 2

2. The Cybersecurity Competence Community shall consist of civil society, industry, academic and ~~non-profit research organisations, and associ~~research community, associations, individual experts, relevant European Standardisation Organisations, as well as public entities and other entities dealing with operational and technical matters in the area of cybersecurity. It shall bring together the main stakeholders with regard to cybersecurity technological ~~and industrial capac~~, industrial, academic and research, and societal capacities and capabilities in the Union~~. It~~ and shall involve National Coordination Centres as well as Union institutions and bodies with relevant expertise..

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 3 – introductory part

3. Only entities which are established, and individuals resident within the Union may be accredited as members of the Cybersecurity Competence Community. They Governing Board shall specify criteria for cybersecurity expertise and applicants shall demonstrate that they ~~have cybersecurity~~can provide such expertise with regard to at least one of the following domains:

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 3 – point a

(a) academia or research;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 3 – point a a (new)

(a a) ethics;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 3 – point b a (new)

(b a) professional services or the deployment thereof;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 3 – point b b (new)

(b b) formal and technical standardisation and specifications;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 8 – paragraph 4

4. The Competence Centre shall accredit entities established under national law, or individuals, as members of the Cybersecurity Competence Community after an assessment made by the National Coordination Centre of the Member State where the entity is established, or the individual is a resident, on whether that entity or individual meets the criteria provided for in paragraph 3. An accreditation shall not be limited in time but may be revoked by the Competence Centre at any time if it or the relevant National Coordination Centre considers that the entity does not fulfil the criteria set out in paragraph 3 or it falls under the relevant provisions set out in Article 136 of Regulation XXX [new financial regulation]. The National Coordination Centres of the Member States shall aim to achieve a balanced representation of stakeholders in the Community, actively stimulating participation from under- represented categories and groups of individuals.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 10 – paragraph 1

1. The Competence Centre shall cooperate with relevant Union institutions, bodies, offices and agencies including the European Union Agency for Network and Information Security (ENISA), the Computer Emergency Response Team (CERT-EU), ~~the European External Action Service,~~ the Joint Research Centre of the Commission, the Research Executive Agency, the Innovation and Networks Executive Agency, as well as the European Cybercrime Centre at Europol ~~as well as the European Defence Agency~~.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 10 – paragraph 2

2. Such cooperation shall take place within the framework of working arrangements. Those arrangements shall be ~~submitted to the~~adopted by the Governing Board after prior approval of the Commission.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 12 – paragraph 1

1. The Governing Board shall be composed of one representative of each Member State, five representatives from the European Parliament, and five representatives of the Commission, on behalf of the Union.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 12 – paragraph 3

3. Members of the Governing Board and their alternates shall be appointed in light of their knowledge in the field of ~~technolog~~cybersecurity as well as of relevant managerial, administrative and budgetary skills. The Commission and the Member States shall make efforts to limit the turnover of their representatives in the Governing Board, in order to ensure continuity of the Board’s work. The Commission and the Member States shall ~~aim to~~ achieve a balanced representation between men and women on the Governing Board.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 12 – paragraph 6

6. The ~~Commission~~Governing Board may invite observers, including representatives of relevant Union bodies, offices and agencies, to take part in the meetings of the Governing Board as appropriate.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 12 – paragraph 7

7. The European Agency for Network and Information Security (ENISA) shall ~~be a~~ permanent ~~observer in the Governing Board~~ly take part in the deliberations of the Governing Board, in an advisory role without voting rights.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 13 – paragraph 3 – point e a (new)

(e a) adopt the working arrangements referred to in Article 10(2);

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 13 – paragraph 3 – point l

(l) promote the cooperation of the Competence Centre with global~~ly, so as to raise its attractiveness and make it a world-class body for excellence in cybersecurity~~ actors;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 16 – paragraph 3

3. The Executive Director shall be appointed by the Governing Board from a list of candidates proposed by the Commission, following an open ~~and~~, transparent and non-discriminatory selection procedure.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 16 – paragraph 3 a (new)

3 a. Before appointment, the candidate selected by the Governing Board shall make a statement before the relevant committee of the European Parliament and answer Members’ questions when invited to do so.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 16 – paragraph 5

5. The term of office of the Executive Director shall be f~~our~~ive years. By the end of that period, the ~~Commission~~Governing Board shall carry out an assessment which takes into account the evaluation of the performance of the Executive Director and the Competence Centre’s future tasks and challenges.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 16 – paragraph 6

6. The Governing Board may, ~~acting on a proposal from the Commission which takes~~taking into account the assessment referred to in paragraph 5, extend once the term of office of the Executive Director for no more than f~~our~~ive years.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 16 – paragraph 8

8. The Executive Director shall be removed from office only by decision of the Governing Board, acting on its own initiative or on a proposal from the Commission.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 17 – paragraph 2 – point h

(h) prepare an action plan following-up on the conclusions of the retrospective evaluations and reporting on progress every two years to the Commission and the European Parliament;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 17 – paragraph 2 – point s

(s) prepare an action plan following-up conclusions of internal or external audit reports, as well as investigations by the European Anti-Fraud Office (OLAF) and reporting on progress twice a year to the Commission and the European Parliament and regularly to the Governing Board;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 17 – paragraph 2 – point v

(v) ensure effective communication with the Union's institutions and report to the European Parliament and to the Council annually or on invitation;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 3 – point c a (new)

(ca) supporting the development of independent products and processes that can be freely studied, shared, and built upon, in particular in the field of verified and verifiable hard- and software, in close cooperation with the industry, the Network and the Community;

2019/01/17
Committee: ITRE

Proposal for a regulation
Article 18 – paragraph 1

1. The Industrial and Scientific Advisory Board shall consist of no more than 16 members. The members shall be appointed by the Governing Board from among the representatives of the entities of the Cybersecurity Competence Community according to an open, transparent and non-discriminatory procedure. The Board shall include at least three members each from industry, academic community and civil society including consumer organisations.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 19 – paragraph 1

1. The Industrial and Scientific Advisory Board shall meet at least t~~wice~~hree times a year.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 19 – paragraph 2

2. The Industrial and Scientific Advisory Board may advise the Governing Board on the establishment of working groups on specific issues relevant to the work of the Competence Centre where necessary under the overall coordination of one or more members of the Industrial and Scientific Advisory Board.deleted

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 20 – paragraph 1 – point 1 a (new)

(1 a) advise the Governing Board on the establishment of working groups on specific issues relevant to the work of the Competence Centre;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 21 – paragraph 4

~~4. The Union financial contribution shall not cover the tasks referred to in Article 4(8)(b)~~deleted

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 22 – paragraph 4

4. The Commission may terminate, proportionally reduce or suspend the Union’s financial contribution to the Competence Centre if the participating Member States do not contribute, or contribute only partially ~~or contribute late~~ with regard to the contributions referred to in paragraph 1.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 23 – paragraph 4 – point a

(a) the Union's and participating Member States' financial contributions to the administrative costs;

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 23 – paragraph 8 a (new)

8 a. The Competence Centre shall cooperate closely with other Union institutions, agencies, and bodies in order to reduce administrative costs.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 4 – paragraph 1 – point 6 – point c a (new)

(ca) supporting research in the field of cybercrime (computer-oriented crime)

2019/01/17
Committee: ITRE

Proposal for a regulation
Article 35 – paragraph 2

2. The Competence Centre shall ensure that the public and any interested parties are ~~given appropriat~~provided with comprehensive, objective, reliable and easily accessible information, in particular with regard to the results of ~~its~~the work of the Competence Centre, the Network, the Industry and Scientific Advisory Board and the Community. It shall also make public the declarations of interest made in accordance with Article 412.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 35 – paragraph 2 a (new)

2 a. The Competence Centre shall provide the public and any interested parties with a list of the Cybersecurity Competence Community members and shall make public the declarations of interest made by them in accordance with Article 42.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 38 a (new)

Article 38 a Legal Personality of the Competence Centre 1. The Competence Centre shall have legal personality. 2. In each Member State, the Competence Centre shall enjoy the most extensive legal capacity accorded to legal persons under the laws of that Member State. It may, in particular, acquire or dispose of movable and immovable property and may be a party to legal proceedings.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 42 – paragraph 1

The Competence Centre Governing Board shall adopt rules for the prevention ~~and management of conflicts of interest in respect of its members, bodies and staff. Those rules shall contain the provisions intended to avoid a~~, identification, and resolution of conflicts of interest in respect of ~~the representatives of the members serving in~~its members, bodies and staff, the Governing Board, as well as the Scientific and Industrial Advisory Board ~~in accordance with Regulation XXX [new Financial Regulation]~~, and the Community.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 42 – paragraph 1 a (new)

Member States shall ensure the prevention, identification, and resolution of conflicts of interest in respect of the National Coordination Centres.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 42 – paragraph 1 b (new)

The rules referred to in paragraph 1 shall comply with Regulation (EU, Euratom) 2018/1046.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 44 – title

Seat and Support from the host Member State

2018/12/13
Committee: IMCO

-1 The seat of the Competence Centre shall be located in [Brussels, Belgium].

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 44 – paragraph –1 a (new)

-1 a The host Member State shall provide the best possible conditions to ensure the proper functioning of the Competence Centre, including a single location, the accessibility of the location, the existence of adequate education facilities for the children of staff members, appropriate access to the labour market, social security and medical care for both children and partners.

2018/12/13
Committee: IMCO

Proposal for a regulation
Article 44 – paragraph 1

An administrative agreement ~~may~~shall be concluded between the Competence Centre and the Member State [Belgium] in which its seat is located concerning privileges and immunities and other support to be provided by that Member State to the Competence Centre.

2018/12/13
Committee: IMCO