56 Amendments of Elissavet VOZEMBERG-VRIONIDI related to 2017/2068(INI)
Amendment 17 #
Motion for a resolution
Citation 15 a (new)
Citation 15 a (new)
- Having regard to the Report of the Conference on jurisdiction in cyberspace held on the 7th and 8th of March 2016 in Amsterdam,
Amendment 38 #
Motion for a resolution
Recital B
Recital B
B. whereas the lines between cybercrime, cyber espionage, cyber warfare, cyber sabotage and cyber terrorism are becoming increasingly blurred; whereas cybercrimes can target individuals, public or private entities and cover a wide range of offences, including privacy breaches, copyright infringement, child pornography, online incitement to hate, hate speech, the dissemination of fake news with malicious intent, financial crime and fraud, as well as illegal system interference;
Amendment 50 #
Motion for a resolution
Recital C a (new)
Recital C a (new)
Ca. Whereas there was an increase of 20% in the attacks on the servers of the European Commission in 2016 compared to 2015;
Amendment 54 #
Motion for a resolution
Recital D
Recital D
D. the key focus of cyber-attacks remains on sensitive personal information such as health or financial records, but attacks on industrial control systems and networks aimed at destroying economic structures and destabilising societies as lately the "WannaCry" hacker attack are growing in number; whereas the majority of international requests for data are related to fraud and financial crime, followed by violent and serious crime;
Amendment 56 #
Motion for a resolution
Recital D a (new)
Recital D a (new)
Da. Whereas the World Economic Forum’s Global Risks Report 2017 lists massive incident of data fraud or theft as one of the five major global risks in terms of likelihood;
Amendment 62 #
Motion for a resolution
Recital F
Recital F
F. whereas the TELE2 judgannulment of the CJEU imposes stringent limitData Retention Directive by the CJEU in its ruling of 8 April 2014 as well as the prohibition of general and indiscriminate data retention as con police and judicial access to the data of cybercrime suspectsfirmed by the ruling of the CJEU in its TELE2 judgment of 21 December 2016 imposes stringent limits on access of competent authorities to data and thereby affects their ability to effectively prosecute criminal activity online;
Amendment 70 #
Motion for a resolution
Recital G
Recital G
G. whereas children are particularly vulnerable to cyber bullying, online grooming and other forms of sexual exploitation online and therefore require special protection;
Amendment 91 #
Motion for a resolution
Recital I a (new)
Recital I a (new)
Ia. Whereas the fight against cybercrime is a priority under the European Agenda on Security of 28 April 2015, which includes a commitment from the Commission to review obstacles to cybercrime investigations, notably on rules on access to evidence and information;
Amendment 100 #
Motion for a resolution
Paragraph 1
Paragraph 1
1. Stresses that the sharp increase in ransomware, botnets and the unauthorised impairment of computer systems has an impact on the security of individuals, the availability and integrity of their personal data, as well as on the protection of privacy and fundamental freedoms;
Amendment 110 #
Motion for a resolution
Paragraph 2 a (new)
Paragraph 2 a (new)
2a. Strongly urges those Member States that have not yet done so to transpose Directive 2011/93/EU on combating the sexual abuse and sexual exploitation of children and child pornography; calls on the Commission to strictly monitor its full and effective implementation, and to report back to Parliament, and its committee responsible, on its findings in a timely manner;
Amendment 111 #
Motion for a resolution
Paragraph 2 a (new)
Paragraph 2 a (new)
2 a. Recalls Member States of a swift, fast and correct implementation of the Directive 2011/92/EU of the European Parliament and of the Council of 13 December 2011 on combating the sexual abuse and sexual exploitation of children and child pornography, and replacing Council Framework Decision 2004/68/JHA
Amendment 113 #
Motion for a resolution
Paragraph 3
Paragraph 3
3. Deplores that half of the companies in Europe have experienced at least one cyber security incident and that cyber-attacks against businesses often remain undetected or unreported; believes that the obligation to disclose security breaches introduced by the GDPR will help to address this problem;
Amendment 118 #
Motion for a resolution
Paragraph 3
Paragraph 3
3. Deplores that cyber-attacks against businesses often remain undetected or unreported; believes that the obligation to disclose security breaches introduced by the GDPR and the NIS Directive will help to address this problem;
Amendment 119 #
Motion for a resolution
Paragraph 3 a (new)
Paragraph 3 a (new)
3a. Is highly concerned with the recent global ransomware attack, which appeared to have affected tens of thousands computers in nearly 100 countries and numerous organisations, inter alia the National Health Service (NHS) in the UK, the highest-profile victim of this extensive malware hit; recognises, in this context, the important work of the No More Ransom (NMR) initiative which provides over 40 free decryption tools allowing victims of ransomware worldwide to decrypt their affected devices;
Amendment 136 #
Motion for a resolution
Paragraph 5 a (new)
Paragraph 5 a (new)
5a. Is concerned that the Internet will become a powerful tool for terrorists, who increasingly use it to share information, coordinate attacks, spread propaganda, raise funds and recruit; calls, for this reason, on the Member States to take the necessary measures in accordance with Directive 2017/541/EU in order to remove online terrorist content hosted or, where this is not feasible, to block access thereto within their territory;
Amendment 138 #
Motion for a resolution
Paragraph 5 b (new)
Paragraph 5 b (new)
5b. Underlines that cross-border requests for domain seizures, content takedowns and access to user data pose serious challenges that require urgent action, as the stakes involved are high; stresses in this context, that international human rights frameworks, which apply online as well as offline, represent a substantive benchmark at global level;
Amendment 142 #
Motion for a resolution
Paragraph 6
Paragraph 6
6. Acknowledges that technological advances in encryption allow legitimate users to better protect their data, but points out that malicious users, including terrorists and child sex offenders, deploy the same techniques to conceal their criminal activities and identities, causing serious challenges for investigations;
Amendment 147 #
Motion for a resolution
Paragraph 6 a (new)
Paragraph 6 a (new)
6a. Stresses the need to ensure that law enforcement and judicial authorities have the expertise, tools, legislative and regulatory means at their disposal to disrupt the criminal business model, given that it is not always technically feasible to disclose the data or to circumvent the encryption used by cybercriminals;
Amendment 148 #
Motion for a resolution
Paragraph 7
Paragraph 7
7. Calls on the Member States to step up their efforts in relation to victim identification and victim-centred services; Calls therefore for the setting up of related platforms as a matter of urgency and for the strengthening of existing databases within Europol with the aim of ensuring that all internet users are aware of the risks and know how to appeal for help in case they are illegally targeted online;
Amendment 153 #
Motion for a resolution
Paragraph 7 a (new)
Paragraph 7 a (new)
Amendment 173 #
Motion for a resolution
Paragraph 10
Paragraph 10
10. Welcomes, in this regard, the investment of EU funds in research projects such as the public-private partnership (PPP) on cybersecurity, to foster European cyber-resilience through innovation and capacity building; recognises particularly the efforts made by the Cybersecurity-PPP to develop appropriate responses to handling zero- day vulnerabilities;
Amendment 182 #
Motion for a resolution
Paragraph 11
Paragraph 11
11. Urges the Member States to step up information exchanges and best practices sharing on the challenges they face in the fight against cybercrime, as well as on solutions to address them;
Amendment 193 #
Motion for a resolution
Paragraph 13
Paragraph 13
13. Calls on the Commission and the Member States to launch awareness-raising campaigns, including educational programs in primary and secondary schools, to ensure that citizens, in particular children and other vulnerable users, and the private sector are aware of the risks posed by cybercrime, and to promote the use of security measures such as encryption;
Amendment 194 #
Motion for a resolution
Paragraph 13
Paragraph 13
13. Calls on the Commission and the Member States to launch awareness-raising campaigns to ensure that citizens, in particular children and other vulnerable users, and the private sector are aware of the risks posed by cybercrime, and to promote the use of security measures such as encryption or other security and privacy enhancing technologies;
Amendment 206 #
Motion for a resolution
Paragraph 13 a (new)
Paragraph 13 a (new)
13a. Urges the Member States to consider including in the computing education curricula of primary and secondary schools a component dedicated to cybersecurity, which would contribute to the prevention of cybercrime;
Amendment 218 #
Motion for a resolution
Paragraph 14 a (new)
Paragraph 14 a (new)
14a. Believes that with the innovation and growing accessibility of the IoT devices, special attention shall be given to the security of all, even very simple devices; urges the Commission and Member States to promote the security by design approach and urges the industry to include by design security solutions in all these devices;
Amendment 240 #
Motion for a resolution
Paragraph 17
Paragraph 17
17. Believes that innovation should not be hampered by unnecessary red tape for software developers and hardware producers; encourages the private sector to implement voluntary measures aimed at bolstering trust in the security of software and devices, such as the IoT trust label; encourages the private sector to exchange information on the cybersecurity threats;
Amendment 258 #
Motion for a resolution
Paragraph 18 a (new)
Paragraph 18 a (new)
18a. Encourages service providers to join the established Code of Conduct on illegal online hate speech and encourages the Commission and participating companies to continue cooperation on that issue;
Amendment 269 #
Motion for a resolution
Paragraph 19
Paragraph 19
19. Calls on the Commission to investigate the legal scope for improving the accountability of service providers and for imposing an obligation to respond to foreign EU law-enforcement requests;
Amendment 281 #
Motion for a resolution
Paragraph 20
Paragraph 20
20. Calls on the Member States to impose the same encryptionsecurity obligations on online service providers as those, which apply to, including privacy-enhancing technologies on all providers, online service providers and providers of traditional telecommunications services;
Amendment 289 #
Motion for a resolution
Paragraph 21
Paragraph 21
21. Underlines that illegal online content should be removed immediately; highlights the role of ISPs in ensuring the fast and efficient removal of illegal online content at the request of the responsible law enforcement authority; welcomes, in this context, the progress achieved concerning the blocking and removal of illegal content online, but stresses the need for a stronger commitment on the part of platform service providers to respond quickly and effectively;
Amendment 290 #
Motion for a resolution
Paragraph 21
Paragraph 21
21. Underlines that illegal online content should be removed immediately; welcomes, in this context, the progress achieved concerning the blocking and removal of illegal content online, in particular Code of Conduct on countering illegal online hate speech signed in 2016, but stresses the need for a stronger commitment on the part of platform service providers to respond quickly and effectively;
Amendment 294 #
Motion for a resolution
Paragraph 21 a (new)
Paragraph 21 a (new)
21a. Urges the Commission and the Member States to put in place all juridical measures to fight against the phenomenon of violence against women online and cyber bullying; in particular asks to the EU and the Member States to combine forces in order to create a criminal offence framework that obliges online corporations to delete or to stop the spreading of degrading, offensive and humiliating content; it also asks to put in place psychological support for women victims of violence online and girls cyber bullied;
Amendment 307 #
Motion for a resolution
Paragraph 22
Paragraph 22
22. Is concerned that a considerable number of cybercrimes remain unpunished; emphasises the need to allow lawful access to relevant information, even if it has been encrypted, if such access is imperative for reasons of security and justicefor sufficient capabilities of judicial and law enforcement authorities to lead legitimate investigations;
Amendment 316 #
Motion for a resolution
Paragraph 23 a (new)
Paragraph 23 a (new)
23a. Urges Member States to fully cooperate with Eurojust in particular to determine and exchange best practices;
Amendment 320 #
Motion for a resolution
Paragraph 24
Paragraph 24
24. Stresses that lawful hackinginterception must be a measure of last resort, which has to be necessary, proportionate, based on due legal process and in full compliance with fundamental rights and EU data protection and case law; calls on all Member States to establish clear rules regarding the authorisation process for lawful hackinginterception activities, including restrictions on the use and duration of lawful hackinginterception tools, to set up an oversight mechanism, and to provide effective legal remedies for the targets of these hackinginterception activities;
Amendment 323 #
Motion for a resolution
Paragraph 24 a (new)
Paragraph 24 a (new)
24a. Regrets that the lack of a European data retention regime causes uncertainty about the possibilities to obtain data from private parties; calls therefore for a new legislative initiative to be set forth in order to mitigate the fragmentation of the legal framework on data retention across the Union;
Amendment 338 #
Motion for a resolution
Paragraph 28 a (new)
Paragraph 28 a (new)
28a. Stresses the need to prioritize the development of shared procedural standards on enforcement jurisdiction in cyberspace, at European and in the long term, at global level, which determine the territorial factors that provide grounds for the applicable law in cyberspace and define investigative measures which can be used regardless of geographic borders; welcomes, in this regard, the work done by the Cloud Evidence Group of the Council of Europe;
Amendment 341 #
Motion for a resolution
Paragraph 28 b (new)
Paragraph 28 b (new)
28b. Recognizes that such a common European approach, which needs to respect fundamental rights and privacy, will build trust among stakeholders, reduce the treatment delays of cross- border requests, establish interoperability among heterogeneous actors and give the opportunity to incorporate due process requirements in operational frameworks;
Amendment 348 #
Motion for a resolution
Paragraph 29 a (new)
Paragraph 29 a (new)
29a. Welcomes the ongoing works of the Commission on a cooperation platform with a secure communication channel for digital exchanges of European Investigation Orders (EIOs) for e-evidence and replies between EU judicial authorities; invites the Commission in association with Member States and service providers to move forward with using aligned forms and tools in order to facilitate authentication, to ensure swift procedures and to increase transparency and accountability of the process of securing and obtaining e- evidence; stresses in this context that streamlining service providers’ policies will help reduce the heterogeneity of approaches, notably regarding procedures and conditions for granting access to the requested data;
Amendment 349 #
Motion for a resolution
Paragraph 29 b (new)
Paragraph 29 b (new)
29b. Calls on the Commission to put forward a European legal framework which facilitates cross-border access to e- evidence while preserving successful cooperation models between Member States where they exist; believes that such a framework should include harmonized rules to determine the status of a provider as domestic or foreign, mitigating measures such as notifications to other possibly affected countries, the obligation of service providers operating in the EU to respond to requests from foreign EU law enforcement authorities, as well as conditions and minimum safeguards for such direct access in full compliance with fundamental rights and EU data protection law; stresses that this will reinforce mutual trust and loyal cooperation between the Member States, give legal certainty to and reduce the level of complexity for stakeholders and remove conflicting obligations, which constitute a great obstacle to cooperation;
Amendment 351 #
Motion for a resolution
Paragraph 30
Paragraph 30
30. Underlines the importance of close cooperation between law enforcement authorities and the private sector on the issue of access to e-evidence; Underlines that establishment of 24/7 Single Points of Contact within Member States will improve direct cooperation with service providers, facilitate access to e-evidence and sharing of information as well as accelerate the MLA proceedings; urges the Member States concerned to eliminate criminal law provisions prohibiting domestic service providers from responding to foreign law enforcement requests;
Amendment 358 #
Motion for a resolution
Paragraph 30 a (new)
Paragraph 30 a (new)
30a. Stresses the need for an EU e- evidence Framework to include sufficient safeguard for the rights and freedoms of all concerned; highlights that this should include a requirement that requests for e- evidence are directed in the first instance to the controller or processor of data, in order to ensure that the data protection safeguards are respected;
Amendment 366 #
Motion for a resolution
Paragraph 31
Paragraph 31
31. Calls on the Commission to put forward a European legal framework for e- evidence, including harmonised rules to determine the status of a provider as domestic or foreign, and to impose an obligation on service providers to respond to requests based on due legal process from third countries, with a view to ensuring legal certainty for stakeholders and removing obstacles to cooperation;
Amendment 384 #
Motion for a resolution
Paragraph 34 a (new)
Paragraph 34 a (new)
34a. Deplores that currently no EU- standards for training and certification exist; acknowledges that future trends in cybercrime require an increasing level of expertise from practitioners; welcomes that existing initiatives such as the European Cybercrime Training and Education Group (ECTEG), the Training of Trainers (TOT) Project and the training activities under the EU Policy Cycle framework are already paving the way towards addressing the expertise gap at EU level;
Amendment 392 #
Motion for a resolution
Paragraph 36
Paragraph 36
36. Underlines that the number of cybercrime offences referred to Eurojust has increased by 30 %; Calls for sufficient funding and posts to be made available to the European Union’s Judicial Cooperation Unit (Eurojust) to allow the agency to cope with its increasing workload, as well as to develop and strengthen further its support to national cybercrime prosecutors in cross-border cases, including via the recently established European Judicial Cybercrime Network;
Amendment 395 #
Motion for a resolution
Paragraph 36 a (new)
Paragraph 36 a (new)
36a. Underlines the necessity to renew the mandate and provide sufficient funding to ENISA to allow it to enhance its capabilities to prevent and fight cybercrime;
Amendment 396 #
Motion for a resolution
Paragraph 36 b (new)
Paragraph 36 b (new)
36b. Asks the Fundamental Rights Agency (FRA) to draw up a practical and detailed handbook providing guidelines regarding supervisory and scrutiny controls for Member States;
Amendment 403 #
Motion for a resolution
Paragraph 37 a (new)
Paragraph 37 a (new)
37a. Call on the Member States to ratify and fully implement the Convention of the Council of Europe on CyberCrime ("Budapest Convention") and, in cooperation with the European Commission, to promote it in the appropriate international fora;
Amendment 404 #
Motion for a resolution
Paragraph 37 a (new)
Paragraph 37 a (new)
37a. Calls on the Member States to ensure sufficient capacity for handling MLA requests related to investigations in cyberspace and to develop relevant training programmes for the staff responsible for handling such requests;
Amendment 410 #
Motion for a resolution
Paragraph 38
Paragraph 38
38. Underlines that strategic and operational cooperation agreements between Europol and third countries facilitate both the exchange of information and practical cooperation; invites Europol to conclude agreements with all countries listed in the annex to the Europol regulas well as international organizations concluded before the entry into force of the Europol regulation facilitate both the exchange of information and practical cooperation; invites the Commission and the Council to take the necessary measures to allow Europol to transfer personal data to an authority of a third country or to an international organization, in due coursesofar as such transfer is necessary for the performance of Europol's tasks;
Amendment 413 #
Motion for a resolution
Paragraph 39
Paragraph 39
39. Takes note of the fact that the highest number of law enforcement requests is sent to the United States and Canada; is concerned that the voluntary disclosure rate of big US service providers in response to requests from European criminal justice authorities falls short of 60 %; and recognizes that Chapter V of the GDPR, mutual legal assistance treaties and other international agreements are the preferred mechanism to enable access to personal data;
Amendment 420 #
Motion for a resolution
Paragraph 39 a (new)
Paragraph 39 a (new)
39a. Highlights the importance of the NATO Cyber Incidents Response Centre;
Amendment 426 #
Motion for a resolution
Paragraph 40 a (new)
Paragraph 40 a (new)
40a. Calls on the Commission in cooperation with Member States, the associated European bodies and where necessary third countries to consider new ways to efficiently secure and obtain e- evidence hosted in third countries, in full compliance with fundamental rights and EU data protection law, by accelerating and streamlining the use of mutual legal assistance proceedings and where applicable mutual recognition;
Amendment 427 #
Motion for a resolution
Paragraph 40 b (new)
Paragraph 40 b (new)
40b. Calls on all Member States to participate in the Global Forum on Cyber Expertise (GFCE) in order to facilitate the establishment of partnerships to build capacity;
Amendment 431 #
Motion for a resolution
Paragraph 41 a (new)
Paragraph 41 a (new)
41a. Calls on the Member States that have not yet done so to ratify and implement fully the Convention on Cybercrime of 23 November 2001;