9 Amendments of Stavros LAMBRINIDIS related to 2007/0248(COD)
Amendment 30 #
Proposal for a directive – amending act
Recital 26 a (new)
Recital 26 a (new)
Amendment 56 #
Proposal for a directive – amending act
Article 2 - point 3 - point b
Article 2 - point 3 - point b
Directive 2002/58/EC
Article 4 - paragraph 3
Article 4 - paragraph 3
3. In case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community, theand providers of publicly available electronic communications servicesInformation society services in the Community, the provider shall, without undue delay, notify the subscriber concernedall affected persons and the national regulatory authority of such a breach. The notification to the subscriber shall at least describe the nature of the breach and recommend measures to mitigate its possible negative effects. The notification to the national regulatory authority shall, in addition, describe the consequences of and the measures taken by the provider to address the breach. NRAs must, at regular intervals, carry out statistical analyses, on a company-by- company and industry-wide basis, on the types and frequency of data breaches during said intervals, as well as on the speed and effectiveness of the mitigation of such breaches. NRAs must also monitor whether companies have faithfully executed their notification obligations under this article and impose appropriate sanctions, including publication, as appropriate, in case of a breach.
Amendment 64 #
Proposal for a directive – amending act
Article 2 - point 3 - point b
Article 2 - point 3 - point b
Directive 2002/58/EC
Article 4 - paragraph 4 - subparagraph 1
Article 4 - paragraph 4 - subparagraph 1
4. In order to ensure consistency in implementation of the measures referred to in paragraphs 1, 2 and 3, the Commission mayshould, following consultation with ENISA, the European Electronic Communications Market Authority (hereinafter referred to as “the Authority”), and the European Data Protection SupervisorData Protection Supervisor and the Article 29 Working Party, adopt technical implementing measures concerning inter alia the circumstances, format and procedures applicable to information and notification requirements referred to in this Article. The Commission shall involve all relevant stakeholders, particularly in order to be informed on best available solutions, both technically and economically, suitable to improve the implementation of the Directive.
Amendment 67 #
Proposal for a directive – amending act
Article 2 - point 4
Article 2 - point 4
Directive 2002/58/EC
Article 5 - paragraph 3
Article 5 - paragraph 3
3. Member States shall ensure that the storing of information, or gaining access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerne, either directly or indirectly and by means of any kind of storage medium, is prohibited unless the subscriber or user concerned has given her/his prior consent and is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user.
Amendment 74 #
Proposal for a directive – amending act
Article 2 - point -5 a (new)
Article 2 - point -5 a (new)
Directive 2002/58/EC
Article 13 - paragraph 1
Article 13 - paragraph 1
(-5a) Article 13(1) shall be replaced by the following: 1. The use of automated calling and communication systems without human intervention (automatic calling machines), facsimile machines (fax), or electronic mail and cellular telephony services for the purposes of direct marketing may only be allowed in respect of users who have given their prior consent as defined in Directive 95/46/EC.
Amendment 82 #
Proposal for a directive – amending act
Article 2 - point -7 e (new)
Article 2 - point -7 e (new)
Directive 2002/58/EC
Article 15 - paragraph 1 a (new)
Article 15 - paragraph 1 a (new)
(-7e) In Article 15,the following paragraph 1a shall be added: 1a. Providers of publicly available communications services and providers of Information society services must notify the Independent Data Protection Authorities, without undue delay, on all requests for access to users’ personal data received pursuant to art. 15 par. 1, including the legal justification given and the legal procedure followed for each request; the Independent Data Protection Authority shall notify the appropriate judicial authorities in cases in which it deems that the established provisions, under national law, have not been followed.
Amendment 83 #
Proposal for a directive – amending act
Article 2 - point 7
Article 2 - point 7
Directive 2002/58/EC
Article 15 a- paragraph 1
Article 15 a- paragraph 1
1. Member States shall lay down the rules on penalties - including penal sanctions, where appropriate - applicable to infringements of the national provisions adopted pursuant to this Directive and shall take all measures necessary to ensure that they are implemented. The penalties provided for must be effective, proportionate and dissuasive. The Member States shall notify those provisions to the Commission by the [time limit for implementation of the amending act] at the latest and shall notify it without delay of any subsequent amendment affecting them.
Amendment 84 #
Proposal for a directive – amending act
Article 2 - point 7
Article 2 - point 7
Directive 2002/58/EC
Article 15a - paragraph 4 − subparagraph 1
Article 15a - paragraph 4 − subparagraph 1
4. In order to ensure effective cross-border co-operation in the enforcement of the national laws adopted pursuant to this Directive and to create harmonised conditions for the provision of services involving cross-border data flows, the Commission may adopt technical implementing measures, following consultation with the AuthoriENISA, the Article 29 Working Party and the relevant regulatory authorities.
Amendment 86 #
Proposal for a directive – amending act
Article 2 - point 7 b (new)
Article 2 - point 7 b (new)
Directive 2002/58/EC
Article 18 a (new)
Article 18 a (new)
(7b) The following Article 18a is inserted: Article 18a No later than 2011, the Commission shall submit to the EP, the Council and the EESC a study on the development of hybrid public/private networks and their inclusion within scope of application of this directive, following the consultation of the Article 29 working Party and the EDPS.