Activities of Markéta GREGOROVÁ related to 2020/0365(COD)
Plenary speeches (1)
Resilience of critical entities (debate)
Shadow opinions (1)
OPINION on the proposal for a directive of the European Parliament and of the Council on the resilience of critical entities
Amendments (16)
Amendment 16 #
Proposal for a directive
Recital 2
Recital 2
(2) Despite existing measures at Union19 and national level aimed at supporting the protection of critical infrastructures in the Union, the entities operating those infrastructures are not adequately equipped to address current and anticipated future risks to their operations that may result in disruptions of the provision of services that are essential for the performance of vital societal functions or economic activities. This is due to a dynamic threat landscape with an evolving terrorist threathreat by hostile states and non-state actors and growing interdependencies between infrastructures and sectors, as well as an increased physical risk due to natural disasters and climate change, which increases the frequency and scale of extreme weather events and brings long- term changes in average climate that can reduce the capacity and efficiency of certain infrastructure types if resilience or climate adaptation measures are not in place. Moreover, relevant sectors and types of entities are not recognised consistently as critical in all Member States. _________________ 19European Programme for Critical Infrastructure Protection (EPCIP).
Amendment 19 #
(3) Those growing interdependencies are the result of an increasingly cross- border and interdependent network of service provision using key infrastructures across the Union in the sectors of energy, transport, banking, financial market infrastructure, digital infrastructure, drinking and waste water, health, certain aspects of public administration, as well as space in as far as the provision of certain services depending on ground-based infrastructures that are owned, managed and operated either by Member States or by private parties is concerned, therefore not covering infrastructures owned, managed or operated by or on behalf of the Union as part of its space programmes but which are also of relevance for the Common Security and Defence Policy (CSDP). These interdependencies mean that any disruption, even one initially confined to one entity or one sector, can have cascading effects more broadly, potentially resulting in far-reaching and long-lasting negative impacts in the delivery of services across the internal market. The COVID-19 pandemic has shown the vulnerability of our increasingly interdependent societies in the face of low- probability risks.
Amendment 20 #
Proposal for a directive
Recital 3 a (new)
Recital 3 a (new)
(3 a) The Union understands hybrid campaigns to be ‘multidimensional, combining coercive and subversive measures, using both conventional and unconventional tools and tactics (diplomatic, military, economic, and technological) to destabilise the adversary. They are designed to be difficult to detect or attribute, and can be used by state and non-state actors. The internet and online networks allow state and non-state actors to conduct aggressive action in new ways. They can be used to hack critical infrastructure, entities and democratic processes, launch persuasive disinformation and propaganda campaigns, steal information and unload sensitive data into the public domain. Large-scale cyber-attacks on critical entities and infrastructure across borders have the potential to invoke Article 222 TFEU (the 'solidarity clause').
Amendment 21 #
Proposal for a directive
Recital 3 b (new)
Recital 3 b (new)
(3 b) Large-scale cyber security incidents and crises at Union level, the high degree of interdependence between sectors and countries require a coordinated action to ensure a rapid and effective response, as well as better prevention and preparedness for similar situations in the future. The availability of cyber-resilient critical networks and entities, and information systems and the availability, confidentiality and integrity of data are vital for the security of the Union within as well as beyond its borders. Given the blurring of lines between the realms of civilian and military matters and the dual-use nature of cyber tools and technologies, there is a need for a comprehensive and holistic approach.
Amendment 27 #
Proposal for a directive
Recital 11
Recital 11
(11) The actions of Member States to identify and help ensure the resilience of critical entities should follow a risk-based approach that targets efforts to the entities most relevant for the performance of vital societal functions or economic activities. In order to ensure such a targeted approach, each Member State should carry out, within a harmonised framework, an assessment of all relevant natural and man- made risks that may affect the provision of essential services, including accidents, natural disasters, various effects of climate change, public health emergencies such as pandemics, hybrid threats and antagonistic threats, including terrorist offences. When carrying out those risk assessments, Member States should take into account other general or sector-specific risk assessment carried out pursuant to other acts of Union law and should consider the dependencies between sectors, including from other Member States and third countries. The outcomes of the risk assessment should be used in the process of identification of critical entities and to assist those entities in meeting the resilience requirements of this Directive.
Amendment 36 #
Proposal for a directive
Article 1 – paragraph 1 – introductory part
Article 1 – paragraph 1 – introductory part
1. This Directive lays down measures with a view to achieve a high level of resilience of critical entities in order to ensure the provision of essential services within the Union, and by doing so, ensuring the functioning of the internal market and the provisioning of essential social services. To that end, this Directive:
Amendment 39 #
Proposal for a directive
Article 2 – paragraph 1 – point 5
Article 2 – paragraph 1 – point 5
(5) “essential service” means a service which is essential for the maintenance of vital societal functions or economic activities, public safety, the environment, the rule of law and fundamental rights;
Amendment 41 #
Proposal for a directive
Article 3 – paragraph 2 – point a
Article 3 – paragraph 2 – point a
(a) strategic objectives and priorities for the purposes of enhancing the overall resilience of critical entities taking into account cross-border and cross-sectoral interdependencies; , also in the event of a hybrid threat;
Amendment 45 #
Proposal for a directive
Article 4 – paragraph 1 – subparagraph 1
Article 4 – paragraph 1 – subparagraph 1
The risk assessment shall account for all relevant natural and man-made risks, including accidents, natural disasters, public health emergencies, hybrid threats and large-scale incidents, antagonistic threats, including terrorist offences pursuant to Directive (EU) 2017/541 of the European Parliament and of the Council34 . _________________ 34Directive (EU) 2017/541 of the European Parliament and of the Council of 15 March 2017 on combating terrorism and replacing Council Framework Decision 2002/475/JHA and amending Council Decision 2005/671/JHA (OJ L 88, 31.3.2017, p. 6).
Amendment 48 #
Proposal for a directive
Article 6 – paragraph 1 – point b
Article 6 – paragraph 1 – point b
(b) the dependency of other sectors referred to in the Annex on that service, including sectors providing infrastructures and services for institutions in charge of security and defence;
Amendment 49 #
Proposal for a directive
Article 6 – paragraph 1 – point c
Article 6 – paragraph 1 – point c
(c) the impacts that incidents could have, in terms of degree and duration, on economic and societal activities, the environment and public safety, the rule of law and fundamental rights;
Amendment 51 #
Proposal for a directive
Article 8 – paragraph 5
Article 8 – paragraph 5
5. Member States shall ensure that their competent authorities, whenever appropriate, and in accordance with Union and national law, consult and cooperate with other relevant national authorities, in particular those in charge of civil protection, law enforcement, security and defence and protection of personal data, as well as with relevant interested parties, including critical entities.
Amendment 54 #
Proposal for a directive
Article 11 – paragraph 1 – point a
Article 11 – paragraph 1 – point a
(a) prevent incidents from occurring, including through disaster risk reduction and climate adaptation measures and measures contributing to the fight against climate change;
Amendment 59 #
Proposal for a directive
Article 13 – paragraph 2 – point a a (new)
Article 13 – paragraph 2 – point a a (new)
(a a) the impact on human life and the environmental consequences;
Amendment 63 #
Proposal for a directive
Article 16 – paragraph 7 a (new)
Article 16 – paragraph 7 a (new)
7 a. The Critical Entities Resilience Group, in the spirit of security cooperation and open access, shall regularly publish its findings and appropriately anonymised source data for the general public for use in academia, security research and for other beneficial uses.
Amendment 64 #
Proposal for a directive
Article 17 – paragraph 2 a (new)
Article 17 – paragraph 2 a (new)
2 a. In order to receive and properly use the information received according to article 13 the Commission shall keep a European registry of incidents and develop a common European reporting centre, with the aim of developing and sharing best practices and methodologies.