Activities of Jan Philipp ALBRECHT related to 2012/0146(COD)
Plenary speeches (1)
European single market for electronic communications - Measures to reduce the cost of deploying high-speed electronic communications networks - Electronic identification and trust services for electronic transactions in the internal market (debate)
Shadow opinions (1)
OPINION on the proposal for a regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market
Amendments (5)
Amendment 53 #
Proposal for a regulation
Recital 23 a (new)
Recital 23 a (new)
(23a) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data1 governs the processing of personal data carried out in the Member States pursuant to this Regulation and under the supervision of the Member States competent authorities, in particular the public independent authorities designated by the Member States. _____________ 1 OJ L 281, 23.11.1995, p. 31
Amendment 66 #
Proposal for a regulation
Article 3 – paragraph 1 – point 1
Article 3 – paragraph 1 – point 1
(1) ‘electronic identification’ means the process of using person identification data in electronic form unambiguously representing a natural or legal person or a pseudonym thereof;
Amendment 77 #
Proposal for a regulation
Article 6 a (new)
Article 6 a (new)
Amendment 84 #
Proposal for a regulation
Article 8 a (new)
Article 8 a (new)
Article 8a Security requirements applicable to electronic identification schemes and personal data breach 1. Member States shall take appropriate technical and organisational measures to manage the risks posed to the security of the electronic identification schemes they provide. Having regard to state of the art, these measures shall ensure that the level of security is appropriate to the degree of risk. In particular, measures shall be taken to prevent and minimise the impact of security incidents and inform stakeholders of adverse effects of any incidents. Any Member State may submit the report of a security audit carried out by a recognised independent body to the supervisory body to confirm that appropriate security measures have been taken. 2. Member States shall, without undue delay and where feasible not later than 24 hours after having become aware of it, notify the competent supervisory body, the competent national body for information security and other relevant third parties such as data protection authorities of any breach of security or loss of integrity that has a significant impact on the electronic identification provided and on the personal data maintained therein. Where appropriate, in particular if a breach of security or loss of integrity concerns two or more Member States, the supervisory body concerned shall inform supervisory bodies in other Member States and the European Network and Information Security Agency (ENISA). The supervisory body concerned may also inform the public or require the electronic identification scheme to do so, where it determines that disclosure of the breach is in the public interest. 3. The supervisory body shall provide to ENISA and to the Commission once a year with a summary of breach notifications received from electronic identification schemes. 4. In order to implement paragraphs 1 and 2, the competent supervisory body shall have the power to issue binding instructions to Member States. 5. The Commission shall be empowered to adopt delegated acts, in accordance with Article 38, concerning the further specification of the measures referred to in paragraph 1. 6. The Commission may, by means of implementing acts, define the circumstances, formats and procedures, including deadlines, applicable for the purpose of paragraphs 1 to 3. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 39(2).
Amendment 115 #
Proposal for a regulation
Article 19 – paragraph 2 – point i
Article 19 – paragraph 2 – point i
(i) ensure lawful processing of personal data in accordance with Article 11 and demonstrate this compliance.