{"change_dates":[],"dossier":{"amendments":[{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-14","justification":"The Commission proposal should be rejected, since it is to be feared that the wide scope for\nintervention, coupled with undefined legal terms and definitions, will make it impossible to\nguarantee adequately respect for fundamental and civil rights.","location":[["Proposal for a directive","\u2013"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:31"},"old":[" The Committee on Foreign Affairs calls"," on the Committee on Civil Liberties,"," Justice and Home Affairs, as the"," committee responsible, to propose"," rejection of the Commission proposal on"," attacks against information systems and"," repealing Council Framework Decision"," 2005/222/JHA."],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"14","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-15","location":[["Proposal for a directive","Recital 1"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:31"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States, in","accordance with the principle of","separation of powers."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"15","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-16","location":[[" Proposal for a directive","Recital 1"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:31"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States and the","Union; this objective forms part of the","Union\u2019s general strategy designed to","combat organised crime, secure","information networks more effectively,","protect critical information","infrastructures and safeguard data."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"16","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-17","location":[[" Proposal for a directive","Recital 1 a (new)"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:31"},"new":["(1a) Information systems are vital to","political, social and economic interaction","in Europe. Society today is highly","dependent on such systems and is","becoming even more so. However, despite","their major benefits, they also embody a","number of risks to our security because of","their complexity and vulnerability to","various types of cybercrime. The security","of information systems is therefore a","constant concern and requires effective","responses from the Member States and","the Union."],"old":[""],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"17","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-18","location":[["Proposal for a directive","Recital 2"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:31"},"new":["Attacks against information systems are a","growing menace and may originate from","various quarters such as terrorism,","organised crime, states and individual","perpetrators. There is increasing concern","about the potential for terrorist or","politically motivated attacks against","information systems which form part of the","critical infrastructure of Member States and","the Union. The cross-border nature of","certain infringements and the relatively","low risks and costs to perpetrators,","coupled with the potentially high returns","and resulting damage inflicted, seriously","increases the risk of such attacks. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of not only","the European Union but also the","international community."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"18","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-19","location":[["Proposal for a directive","Recital 2"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:31"},"new":["(2) There is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"old":["(2) Attacks against information systems,","in particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"19","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Andreas M\u00f6lzer","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-20","location":[[" Proposal for a directive","Recital 2"]],"meps":[28255],"meta":{"created":"2019-07-03T05:08:32"},"new":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace, as","evidenced by the cyber attacks on Estonia","and Georgia as a method of modern","warfare, and there is increasing concern","about the potential for terrorist or","economically or politically motivated","attacks against information systems which","form part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of the","European Union."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"20","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Elena B\u0103sescu","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-21","location":[["Proposal for a directive","Recital 2"]],"meps":[96814],"meta":{"created":"2019-07-03T05:08:32"},"new":["(2) Attacks against information systems, in","particular those arising from of organised","crime, are a growing menace, and there is","increasing concern about the potential for","terrorist or politically motivated attacks","against information systems which form","part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of the","European Union."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"21","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-22","location":[["Proposal for a directive","Recital 2 a (new)"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:32"},"new":["(2a) A distinction between cyber attacks","and physical attacks is crucial. Therefore","a separate strategy to respond to such","attacks should be developed in respect of","attacks against information systems, in","full cooperation with national parliaments","and the European Parliament. Such a","strategy should not constitute a threat to,","or a breach of, human rights or","fundamental freedoms. Such a strategy","should not therefore be equivalent to a","response to an armed attack."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"22","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-23","location":[[" Proposal for a directive","Recital 3"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:32"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states, to the Union or to","particular functions in the public or private","sector. This tendency is accompanied by","the rapid development of computer","technology and, as a result, increasingly","sophisticated tools that can be used by","criminals to launch cyber-attacks of","various types, some of which have a great","potential to cause economic and social","damage."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"23","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Andreas M\u00f6lzer","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-24","location":[[" Proposal for a directive","Recital 3"]],"meps":[28255],"meta":{"created":"2019-07-03T05:08:32"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous targeted","and recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","","of various types."],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"24","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-25","location":[["Proposal for a directive","Recital 4 a (new)"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:32"},"new":["(4a) A thorough, reliable and independent","assessment of the overall level of threat of","attacks against information systems","should be carried out. The Union","institutions should adjust their level of","information security accordingly."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"25","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-26","location":[["Proposal for a directive","Recital 4 a (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:32"},"new":["(4a) There is a need for coordination at","the level of the Union to help integrate","different initiatives, programmes and","activities."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"26","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-27","location":[["Proposal for a directive","Recital 4 b (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:32"},"new":["(4b) A Union Cybersecurity Coordinator","should be appointed in order to facilitate","the integration and coordination of the","Union institutions\u2019 initiatives,","programmes and activities."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"27","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-28","location":[[" Proposal for a directive","Recital 5 a (new)"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:32"},"new":["(5a) There is a need to assess the real","level of threat of attacks against","information systems by a reliable,","independent authority and to discuss","coordination at the level of the Union to","help integrate different initiatives,","programmes and activities."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"28","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-29","location":[[" Proposal for a directive","Recital 6"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:32"},"new":["(6) Member States should provide for","penalties in respect of attacks against","information systems, as part of a broader","set of national strategies designed to deter","and combat attacks of this nature. The","penalties provided for should be effective,","proportionate and dissuasive. Given the","cross-border nature of the threats, it is","necessary for Member States to bring","sanctions and penalties into line thereby","reducing differences between them","regarding the treatment of infringements","in the Union."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive.",""],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"29","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-30","location":[["Proposal for a directive","Recital 7"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:32"},"new":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, or","when an offence is committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner."],"old":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, or","when an offence is committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner. It is also","appropriate to provide for more severe","penalties where such an attack has caused","serious damage or has affected essential","interests."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"30","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-31","location":[["Proposal for a directive","Recital 8"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:32"},"new":["(8) The Council Conclusions of 27-28","November 2008 indicated that a new","strategy should be developed with the","Member States and the Commission,","taking into account the content of the 2001","Council of Europe Convention on","Cybercrime. The Council and","Commission must encourage those","Member States that have not yet ratified","the Convention to do so as soon as","possible. That Convention is the legal","framework of reference for combating","cybercrime, including attacks against","information systems. This Directive builds","on that Convention."],"old":["(8) The Council Conclusions of 27-28","November 2008 indicated that a new","strategy should be developed with the","Member States and the Commission,","taking into account the content of the 2001","Council of Europe Convention on","Cybercrime. That Convention is the legal","framework of reference for combating","cybercrime, including attacks against","information systems. This Directive builds","on that Convention."],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"31","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-32","location":[[" Proposal for a directive","Recital 8 a (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:33"},"new":["(8a) The Council and the Commission","should call on those Member States which","still need to ratify the Council of Europe","Convention on Cybercrime to do so","without delay."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"32","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Elena B\u0103sescu","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-33","location":[[" Proposal for a directive","Recital 11"]],"meps":[96814],"meta":{"created":"2019-07-03T05:08:33"},"new":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe\u2019s network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, a reliable","backup destined for data preservation, the","collection of evidence, the provision of","legal information, and the locating of","suspects."],"old":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe\u2019s network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"33","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-34","location":[["Proposal for a directive","Recital 11 a (new)"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:33"},"new":["(11a) Cooperation on the part of the","authorities with the private sector and","civil society is of major importance in","avoiding and combating cyber attacks. It","is necessary to establish ongoing dialogue","with them, given their extensive use of","computer systems and the need for shared","responsibility in ensuring reliable and","functional systems. It is important to raise","awareness among all computer system","stakeholders, so as to create a data","security mentality."],"old":[""],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"34","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-35","location":[[" Proposal for a directive","Recital 11 a (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:33"},"new":["(11a) Closer cooperation should be","envisaged both with the European","Defence Agency (EDA) and with the","NATO Cooperative Cyber Defence Centre","of Excellence (CCDCOE), in particular in","the field of capacity building and training."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"35","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-36","location":[[" Proposal for a directive","Recital 12"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:33"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. Member States must step up","exchanges of information regarding","cyber attacks with the support of the","Commission and the European Network","and Information Security Agency. The","data will moreover help specialised","agencies such as Europol and the European","Network and Information Security Agency","to better assess the extent of cybercrime","and the state of network and information","security in Europe. Improved knowledge","of present and future risks will make it","possible to take decisions which are","more effective in deterring and","combating cyber attacks or reducing the","resulting damage."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe.",""],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"36","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-37","location":[["Proposal for a directive","Recital 12"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:33"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a complete picture of the problem at","Union level and thereby contribute to","formulating more effective responses. The","data will moreover help specialised","agencies such as Europol and the European","Network and Information Security Agency","to better assess the extent and impact of","cybercrime and the state of network and","information security in Europe."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"37","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-38","location":[["Proposal for a directive","Recital 12 a (new)"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:33"},"new":["(12a) The Commission should examine","the feasibility of providing frameworks or","instruments to help public private","partnerships (PPP) cooperate with each","other at national level and Union level, to","implement information quality standards","for interoperability, and to ensure respect","for fundamental rights, the separation of","powers and democratic supervision."],"old":[""],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"38","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-39","location":[[" Proposal for a directive","Recital 13"]],"meps":[28349],"meta":{"created":"2019-07-03T05:08:33"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area at Union level. The Union","should also seek greater international","cooperation in the field of data network","security by collaborating closely with","other organisations with the relevant","terms of reference, such as the United","Nations, NATO, the Council of Europe,","or the OSCE and involving other","international stakeholders. Besides that,","the coordination of prosecution of cases of","attacks against information systems should","be facilitated by the adoption of Council","Framework Decision 2009/948/JHA on","prevention and settlement of conflict of","jurisdiction in criminal proceedings."],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"orig_lang":"es","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"39","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Elena B\u0103sescu","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-40","location":[["Proposal for a directive","Recital 13"]],"meps":[96814],"meta":{"created":"2019-07-03T05:08:33"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area and to strengthen cross-border","cooperation. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"40","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-41","location":[["Proposal for a directive","Recital 16"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:33"},"new":["(16) This Directive and any practical","application thereof respect the","fundamental rights and observe the","principles recognised in particular by the","Charter of Fundamental Rights of the","European Union, including the protection","of personal data, freedom of expression","and information, the right to a fair trial,","presumption of innocence and the rights of","the defence, as well as the principles of","legality and proportionality of criminal","offences and penalties. In particular, this","Directive seeks to ensure full respect for","these rights and principles and must be","implemented accordingly. The free and","open nature of the internet is not","adversely affected by this Directive."],"old":["(16) This Directive respects the","fundamental rights and observes the","principles recognised in particular by the","Charter of Fundamental Rights of the","European Union, including the protection","","of personal data, freedom of expression","and information, the right to a fair trial,","presumption of innocence and the rights of","the defence, as well as the principles of","legality and proportionality of criminal","offences and penalties. In particular, this","Directive seeks to ensure full respect for","these rights and principles and must be","implemented accordingly."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"41","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Elena B\u0103sescu","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-42","location":[[" Proposal for a directive","Recital 16"]],"meps":[96814],"meta":{"created":"2019-07-03T05:08:33"},"new":["(16) This Directive respects the","fundamental rights, in particular the right","to privacy, and observes the principles","recognised in particular by the Charter of","Fundamental Rights of the European","Union, including the protection of personal","data, freedom of expression and","information, the right to a fair trial,","presumption of innocence and the rights of","the defence, as well as the principles of","legality and proportionality of criminal","offences and penalties. In particular, this","Directive seeks to ensure full respect for","these rights and principles and must be","implemented accordingly."],"old":["(16) This Directive respects the","fundamental rights and observes the","principles recognised in particular by the","Charter of Fundamental Rights of the","European Union, including the protection","of personal data, freedom of expression","and information, the right to a fair trial,","presumption of innocence and the rights of","the defence, as well as the principles of","legality and proportionality of criminal","offences and penalties. In particular, this","Directive seeks to ensure full respect for","these rights and principles and must be","implemented accordingly."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"42","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-43","location":[["Proposal for a directive","Recital 16a (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:33"},"new":["(16a) The Council and the Commission","should insist, in negotiations and","cooperation with third countries, on","minimum requirements for preventing","and fighting cybercrime and cyber attacks","as well as on minimum standards for","information system security."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"43","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-44","location":[["Proposal for a directive","Recital 16b (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:33"},"new":["(16b) The Commission should consider","options to facilitate and assist third","countries in their efforts to develop their","cyber security and cyber defence","capabilities."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"44","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-45","location":[["Proposal for a directive","Article 3 \u2013 paragraph 1"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:34"},"new":["Member States shall take the necessary","measures to ensure that access with","criminal intent and without right to the","whole or any part of an information system","is punishable as a criminal offence, at least","for cases which are not minor."],"old":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","","which are not minor."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"45","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-46","location":[[" Proposal for a directive","Article 7 \u2013 paragraph 1 \u2013 introductory part"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:34"},"new":["Member States shall take the necessary","measure to ensure that the production, sale,","procurement for use, import, possession,","distribution or otherwise making available","of the following can be punished as a","criminal offence when committed","intentionally and without right for the","purpose of committing any of the offences","referred to in Articles 3 to 6, as determined","in a fair trial:"],"old":["Member States shall take the necessary","measure to ensure that the production, sale,","procurement for use, import, possession,","distribution or otherwise making available","of the following is punishable as a","criminal offence when committed","intentionally and without right for the","purpose of committing any of the offences","referred to in Articles 3 to 6:"],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"46","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-47","location":[[" Proposal for a directive","Article 9 \u2013 paragraph 1"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:34"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by proportional criminal penalties."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by effective, proportional and dissuasive","criminal penalties."],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"47","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-48","location":[["Proposal for a directive","Article 12 \u2013 paragraph 1 \u2013 introductory part"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:34"},"new":["1. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(1) is","punishable by proportionate penalties,","which shall include criminal or non-","criminal fines and may include other","sanctions, for example:"],"old":["1. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(1) is","punishable by effective, proportionate and","dissuasive penalties, which shall include","criminal or non-criminal fines and may","include other sanctions, for example:"],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"48","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-49","location":[["Proposal for a directive","Article 12 \u2013 paragraph 2"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:34"},"new":["2. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(2) is","punishable by proportionate penalties or","measures."],"old":["2. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(2) is","punishable by effective, proportionate and","dissuasive penalties or measures."],"orig_lang":"de","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"49","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Tunne Kelam","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-50","location":[["Proposal for a directive","Article 14 \u2013 paragraph 2 a (new)"]],"meps":[28424],"meta":{"created":"2019-07-03T05:08:34"},"new":["2a. The Commission shall assist Member","States in promoting the resilience and","stability of the internet and shall","undertake other activities aiming at","achieving information security."],"old":[""],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"50","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Sabine L\u00f6sing","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-51","location":[[" Proposal for a directive","Article 15 \u2013 paragraph 3"]],"meps":[96854],"meta":{"created":"2019-07-03T05:08:34"},"new":["3. Member States shall transmit the data","collected according to this Article to the","Commission. They shall also ensure that a","consolidated review of these statistical","reports is submitted to the European","Parliament and published."],"old":["3. Member States shall transmit the data","collected according to this Article to the","Commission. They shall also ensure that a","consolidated review of these statistical","reports is published."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"51","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marietje Schaake","changes":{},"committee":["AFET"],"date":"2011-10-13T00:00:00","id":"PE473.863-52","location":[[" Proposal for a directive","Article 15 \u2013 paragraph 3 a (new)"]],"meps":[96945],"meta":{"created":"2019-07-03T05:08:34"},"new":["3a. The Commission shall review the","application of this Directive and, in","particular, the need to appoint a Union","Cybersecurity Coordinator in order to","assess the level of threat and facilitate the","integration and coordination of the Union","institutions\u2019 initiatives, programmes and","activities."],"orig_lang":"en","peid":"PE473.863v01-00","reference":"2010/0273(COD)","seq":"52","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.863+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-12","location":[["Proposal for a directive","Recital 1"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:27"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States and the","Union; this objective forms part of the","Union\u2019s general strategy aimed at","combating organised crime, increasing","the resilience of computer networks,","protecting critical information","infrastructure and data protection."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"12","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-13","location":[["Proposal for a directive","Recital 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:27"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police,","other specialised law enforcement services","of the Member States, and the","Commission, Eurojust, Europol and the","European Network and Information","Security Agency, to enable a common and","comprehensive Union approach."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"13","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioannis A. Tsoukalas","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-14","location":[[" Proposal for a directive","Recital 1"]],"meps":[96898],"meta":{"created":"2019-07-03T05:33:28"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States, the","Commission, ENISA, EUROPOL and","EUROJUST to enable a common and","comprehensive Union approach."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"14","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-15","location":[[" Proposal for a directive","Recital 1"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:28"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police,","ENISA, national Computer Emergency","Response Teams (CERTs), and other","specialised law enforcement services of the","Member States."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"15","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-16","location":[["Proposal for a directive","Recital 1 a (new)"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:28"},"new":["(1a) Information systems are a key","element of political, social and economic","interaction in Europe. Society is highly","and increasingly dependent on such","systems. The smooth operation and","security of these systems in Europe is vital","for the development of the European","single market and of a competitive and","innovative economy. At the same time as","providing great benefits, however,","information systems carry a number of","risks to our security on account of their","complexity and vulnerability to various","types of computer crime. The security of","information systems is thus a matter of","constant concern that requires an","effective response from the Member States","and the Union."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"16","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-17","location":[["Proposal for a directive","Recital 2"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:28"},"new":["(2) Attacks against information systems are","a growing menace and may come from a","variety of actors such as terrorists,","organized crime, States or isolated","individuals. There is increasing concern","about the potential for terrorist or","politically motivated attacks against","information systems which form part of the","critical infrastructure of Member States and","the Union. The cross-border nature of","certain offences and the relatively low risk","and cost for offenders, coupled with the","huge benefits that may be gained and","damage that may be caused through the","attacks, adds greatly to the level of this","menace. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response","not just at the level of the European Union","but also by the international community."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"17","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioannis A. Tsoukalas","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-18","location":[[" Proposal for a directive","Recital 2"]],"meps":[96898],"meta":{"created":"2019-07-03T05:33:28"},"new":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace to","the functioning of information systems in","the Union and globally, and there is","increasing concern about the potential for","terrorist or politically motivated attacks","against information systems which form","part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, democracy, security and justice,","undermines the creation of a European","digital single market and therefore requires","a response at the level of the European","Union as well as internationally, for","example through the 2001 Council of","Europe Convention on Cybercrime."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"18","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-19","location":[["Proposal for a directive","Recital 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:28"},"new":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace","both in the Union and globally, and there","is increasing concern about the potential","for terrorist or politically motivated attacks","against information systems which form","part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of the","European Union and improved","coordination and cooperation at","international level."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"19","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-20","justification":" Having regard to the March 2011 cyber-attacks on the European institutions, as well as to the\n numerous breaches in the European Emissions Trading Systems, which all resulted by thefts\n of millions of EUR in emissions;","location":[["Proposal for a directive","Recital 2 a (new)"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:28"},"new":["(2a) Recent cyber-attacks, perpetrated","against European networks and/ or","information systems, have caused","substantial economic and security damage","to the Union."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"20","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-21","location":[[" Proposal for a directive","Recital 3"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:28"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to international organisations and","states or to particular functions in the","public or private sector. Such attacks can","occasion significant financial losses both","by taking down information and","communications systems, and by causing","the loss or alteration of data. This","tendency is being accompanied,","unfortunately, by the availability and","development of increasingly sophisticated","tools that can be used by criminals to","launch cyber-attacks of various types."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"21","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-22","location":[[" Proposal for a directive","Recital 3"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:28"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types. Furthermore, distributed","denial-of-service attacks on information","systems and/ or attacks on critical","information infrastructures for disruption","purposes might be used as a means of","cyber warfare and/ or terrorism."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","","","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"22","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-23","location":[["Proposal for a directive","Recital 3"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:28"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states, the Union or to particular","functions in the public or private sector.","This tendency is accompanied by the rapid","development of information technology","and thus of increasingly sophisticated tools","that can be used by criminals to launch","cyber-attacks of various types, some of","which have significant potential to cause","economic and social damage."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"23","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-24","location":[["Proposal for a directive","Recital 4"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:28"},"new":["(4) Common definitions in this area,","particularly of information systems,","computer data and criminal offences in","respect of information systems and","computer data are essential in order to","ensure a consistent and uniform approach","in the Member States to the application of","this Directive."],"old":["(4) Common definitions in this area,","particularly of information systems and","computer data, are important in order to","ensure a consistent approach in the","Member States to the application of this","Directive."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"24","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-25","location":[[" Proposal for a directive","Recital 4"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:28"},"new":["(4) Common definitions and norms of","behaviour in this area, particularly of","information systems and computer data,","are important in order to ensure a","consistent approach in the Member States","to the application of this Directive."],"old":["(4) Common definitions in this area,","particularly of information systems and","computer data, are important in order to","ensure a consistent approach in the","Member States to the application of this","Directive."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"25","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Francisco Sosa Wagner","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-26","justification":"\nThe ITRE Report internet governance: the next steps states that governments should \"protect\nthe integrity of the global internet and freedom of communication by avoiding any regional\nmeasures, such as revocation of IP addresses or domain names in third countries\".\nRevocation of IP addresses or domain names without right, e.g. without a prior court order,\ncan seriously damage legal businesses, as well as impacting on freedom of communication.\nThe recital clarifies that illegal system interference covers such actions in relation to the EU.","location":[[" Proposal for a directive","Recital 4 a (new)"]],"meps":[97170],"meta":{"created":"2019-07-03T05:33:29"},"new":["(4a) The revocation of IP addresses or","domain names are examples of system","interference and may be considered as","criminal offences as defined in Article 4","of this Directive."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"26","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Philippe Lamberts on behalf of the Verts/ALE Group","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-27","location":[["Proposal for a directive","Recital 4 a (new)"]],"meps":[96648],"meta":{"created":"2019-07-03T05:33:29"},"new":["(4a) The revocation of IP addresses or","domain names are examples of system","interference and may be considered as","criminal offences as defined in Article 4","of this Directive."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"27","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-28","location":[["Proposal for a directive","Recital 6"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:29"},"new":["(6) Member States should provide for","penalties in respect of attacks against","information systems which should be","adopted within broader national strategies","to deter and combat such attacks. The","penalties provided for should be effective,","proportionate and dissuasive. Convergence","in the sanctions and penalties applied by","Member States is necessary on account of","the often cross-border nature of the","threats and is aimed at reducing","differences between Member States when","it comes to dealing with offences","committed within the Union."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive.",""],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"28","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-29","location":[[" Proposal for a directive","Recital 6"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:29"},"new":["(6) Member States should provide both for","harmonised penalties in respect of attacks","against information systems and for","effective measures to prevent such","attacks. The penalties provided for should","be effective, proportionate and dissuasive."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"29","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-30","location":[[" Proposal for a directive","Recital 6 a (new)"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:29"},"new":["(6a) Member States, the EU and the","private sector, in cooperation with the","European Network and Information","Security Agency, should take steps to","increase the security and integrity of","information systems, to prevent attacks","and to minimise the impact of attacks."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"30","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-31","location":[["Proposal for a directive","Recital 7"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:29"},"new":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, or","when an offence is committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner. It is also","appropriate to provide for more severe","penalties where such an attack is carried","out from within an organisation by","someone with access rights and causes","serious damage or affects essential","interests."],"old":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, or","when an offence is committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner. It is also","appropriate to provide for more severe","penalties where such an attack has caused","serious damage or has affected essential","interests."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"31","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-32","location":[["Proposal for a directive","Recital 8"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:29"},"new":["(8) The Council Conclusions of 27-28","November 2008 indicated that a new","strategy should be developed with the","Member States and the Commission,","taking into account the content of the 2001","Council of Europe Convention on","Cybercrime. The Council and","Commission should encourage Member","States that have not yet ratified the","Convention to do so as soon as possible.","That Convention is the legal framework of","reference for combating cybercrime,","including attacks against information","systems. This Directive builds on that","Convention."],"old":["(8) The Council Conclusions of 27-28","November 2008 indicated that a new","strategy should be developed with the","Member States and the Commission,","taking into account the content of the 2001","Council of Europe Convention on","Cybercrime. That Convention is the legal","","framework of reference for combating","cybercrime, including attacks against","information systems. This Directive builds","on that Convention."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"32","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-33","location":[[" Proposal for a directive","Recital 11"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:29"},"new":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence of a criminal offence","or intent to commit a criminal offence.","Given the speed with which large-scale","attacks can be carried out, Member States","should be able to respond promptly and","effectively to urgent requests from this","network of contact points. Such assistance","should include facilitating, or directly","carrying out, measures such as: the","provision of technical assistance, including","as regards restoring information system","functionality, the preservation of data in","line with personal data protection","principles, the collection of evidence, the","provision of legal information, and the","locating and identification of suspects."],"old":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form","of a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"33","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-34","location":[["Proposal for a directive","Recital 11"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:29"},"new":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States the EU and the","European Network and Information","Security Agency should be able to respond","promptly to urgent requests from this","network of contact points. Such assistance","should include facilitating, or directly","carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"old":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"34","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-35","location":[["Proposal for a directive","Recital 11"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:29"},"new":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, the identification of the","jeopardised and/or extracted information","and the locating of suspects."],"old":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"35","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-36","location":[[" Proposal for a directive","Recital 11 a (new)"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:29"},"new":["(11a) Cooperation by the public","authorities with the private sector and","civil society is of great importance in","preventing and combating attacks against","information systems. A permanent","dialogue should be established with these","partners in view of the extensive use they","make of information systems and the","sharing of responsibility required for the","stable and proper operation of these","systems. The raising of awareness among","all stakeholders in the use of information","systems is important in creating a culture","of IT security."],"old":[""],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"36","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-37","location":[["Proposal for a directive","Recital 12"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:29"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. Member States need to improve","the exchange of information on attacks","against information systems, with the","support of the Commission and the","European Network and Information","Security Agency. The data will moreover","help specialised agencies such as Europol","and the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe. Better","knowledge about present and future risks","will help reach more appropriate","decisions on deterring, combating or","limiting the damage caused by attacks","against information systems."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"37","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-38","location":[[" Proposal for a directive","Recital 12"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:29"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe and to","support Member States in the adoption of","responses to information security","incidents."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"38","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-39","location":[[" Proposal for a directive","Recital 12"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:30"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised bodies and agencies such as","Member States' CERTs, Europol and the","European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"39","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Teresa Riera Madurell","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-40","location":[["Proposal for a directive","Recital 13"]],"meps":[28349],"meta":{"created":"2019-07-03T05:33:30"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action at Union level to approximate","national criminal legislation in this area.","Likewise, the Union should pursue","greater international cooperation in the","field of network and information system","security involving all relevant","international actors. Besides that, the","coordination of prosecution of cases of","attacks against information systems should","be facilitated by the adoption of Council","Framework Decision 2009/948/JHA on","prevention and settlement of conflict of","jurisdiction in criminal proceedings."],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"orig_lang":"es","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"40","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-41","location":[["Proposal for a directive","Article 1 \u2013 paragraph 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["This Directive defines criminal offences in","the area of attacks against information","systems and establishes harmonised","minimum rules concerning penalties for","such offences. It also aims to introduce","common provisions both to prevent and","combat such attacks and to improve","European cooperation in this field,","particularly as regards criminal justice."],"old":["This Directive defines criminal offences in","the area of attacks against information","systems and establishes minimum rules","","concerning penalties for such offences. It","also aims to introduce common provisions","to prevent such attacks and improve","European criminal justice cooperation in","this field."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"41","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-42","location":[[" Proposal for a directive","Article 2 \u2013 point d"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["(d) \"without right\" means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national or","European legislation."],"old":["(d) \"without right\" means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"42","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioannis A. Tsoukalas","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-43","location":[[" Proposal for a directive","Article 7 \u2013 point b"]],"meps":[96898],"meta":{"created":"2019-07-03T05:33:30"},"new":["(b) a computer password, access code, a","digital or physical security token, or","similar data by which the whole or any part","of an information system is capable of","being accessed."],"old":["(b) a computer password, access code, or","similar data by which the whole or any part","of an information system is capable of","being accessed."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"43","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-44","location":[["Proposal for a directive","Article 8 \u2013 paragraph 1 a (new)"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:30"},"new":["1a. Member States shall ensure that the","unauthorised forwarding of identification","data to other persons with a view to the","conduct of any of the activities referred to","in Articles 3 to 7 is punishable as a","criminal offence."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"44","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-45","location":[["Proposal for a directive","Article 8 \u2013 paragraph 1 b (new)"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:30"},"new":["1b. Member States shall ensure that","where an offence under Articles 3 to 7 is","committed by a person who, within the","scope of his or her employment, has","access to the security systems inherent in","information systems, this shall constitute","an aggravating circumstance and be","punishable as a criminal offence."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"45","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ivailo Kalfin","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-46","location":[["Proposal for a directive","Article 10 \u2013 paragraph 2"]],"meps":[96807],"meta":{"created":"2019-07-03T05:33:30"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data or sensitive","information."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"46","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-47","location":[[" Proposal for a directive","Article 14 \u2013 paragraph 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall ensure that they have","an operational national point of contact","and make use of the network of operational","points of contact available 24 hours a day","and seven days a week. Member States","shall also ensure that they have procedures","in place so that they can respond within a","maximum of eight hours to urgent requests.","Such response must be effective and","include, where appropriate, the","facilitation or direct implementation of","the following measures: the provision of","technical advice, including as regards","restoring information system","functionality, the preservation of data in","line with personal data protection","principles, the collection of evidence, the","provision of legal information, and the","locating and identification of suspects.","The points of contact shall indicate the","form and timescale in which requests for","assistance will be answered."],"old":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether","and in what form the request for help will","be answered and when.",""],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"47","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioannis A. Tsoukalas","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-48","location":[["Proposal for a directive","Article 14 \u2013 paragraph 1"]],"meps":[96898],"meta":{"created":"2019-07-03T05:33:30"},"new":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether and","in what form the request for help will be","answered and when. ENISA may","undertake this role and supervise the","exchange of information, functioning as a","single point of contact and as the Union's","cybersecurity incident registrar."],"old":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether and","in what form the request for help will be","answered and when."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"48","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-49","location":[["Proposal for a directive","Article 14 \u2013 paragraph 1"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:30"},"new":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall forward such","information to the Commission, the","European Network and Information","Security Agency and the other Member","States, making use of the existing network","of operational points of contact available","24 hours a day and seven days a week.","Member States shall also ensure that they","have procedures in place so that they can","respond within a maximum of eight hours","to urgent requests. Such response shall at","least indicate whether and in what form the","request for help will be answered and","when."],"old":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether and","in what form the request for help will be","answered and when."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"49","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-50","location":[[" Proposal for a directive","Article 14 \u2013 paragraph 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["2. Member States shall inform the","Commission, Eurojust and the European","Network and Information Security","Agency of their appointed point of contact","for the purpose of exchanging information","on the offences referred to in Articles 3 to","8. The Commission shall forward that","information to the other Member States."],"old":["2. Member States shall inform the","Commission of their appointed point of","contact for the purpose of exchanging","information on the offences referred to in","Articles 3 to 8. The Commission shall","forward that information to the other","Member States."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"50","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Niki Tzavela","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-51","location":[["Proposal for a directive","Article 14 \u2013 paragraph 2 a (new)"]],"meps":[96660],"meta":{"created":"2019-07-03T05:33:30"},"new":["2a. ENISA shall play a strategic role in","the coordination efforts between Member","States and the Union institutions."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"51","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioannis A. Tsoukalas","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-52","location":[["Proposal for a directive","Article 15 \u2013 paragraph 1"]],"meps":[96898],"meta":{"created":"2019-07-03T05:33:30"},"new":["1. Member States shall ensure that a","system is in place for the recording,","production and provision of statistical data","on the offences referred to in Articles 3 to","8. In the case of offences involving more","than one Member State, ENISA may","facilitate the exchange of those data","among all interested parties, including","EUROPOL and EUROJUST."],"old":["1. Member States shall ensure that a","system is in place for the recording,","production and provision of statistical data","on the offences referred to in Articles 3 to","8."],"orig_lang":"en","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"52","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-53","location":[["Proposal for a directive","Article 15 \u2013 paragraph 3"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["3. Member States shall transmit the data","collected according to this Article to the","Commission and the European Network","and Information Security Agency and","shall also ensure that a periodic","consolidated review of these statistical","reports is published. The European","Network and Information Security","Agency shall centralise that data at an EU","level and use it as a basis for drawing up","reports on the state of information system","and computer data security across","Europe."],"old":["3. Member States shall transmit the data","collected according to this Article to the","","Commission. They shall also ensure that a","consolidated review of these statistical","reports is published."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"53","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Silvia-Adriana \u0142ic\u0103u","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-54","location":[[" Proposal for a directive","Article 15 \u2013 paragraph 3"]],"meps":[36281],"meta":{"created":"2019-07-03T05:33:30"},"new":["3. Member States shall transmit the data","collected according to this Article to the","Commission and the European Network","and Information Security Agency","(ENISA). They shall also ensure that a","consolidated review of these statistical","reports is published."],"old":["3. Member States shall transmit the data","collected according to this Article to the","Commission. They shall also ensure that a","consolidated review of these statistical","reports is published."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"54","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["ITRE"],"date":"2011-10-12T00:00:00","id":"PE473.808-55","location":[[" Proposal for a directive","Article 18 \u2013 paragraph 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:33:30"},"new":["2. Member States and the European","Network and Information Security","Agency shall send to the Commission all","the information that is appropriate for","drawing up the report referred to in","paragraph 1. The information shall include","a detailed description of legislative and","non-legislative measures adopted in","implementing this Directive."],"old":["2. Member States shall send to the","Commission all the information that is","appropriate for drawing up the report","referred to in paragraph 1. The information","","","shall include a detailed description of","legislative and non-legislative measures","adopted in implementing this Directive."],"orig_lang":"ro","peid":"PE473.808v01-00","reference":"2010/0273(COD)","seq":"55","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-473.808+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-34","location":[["Proposal for a directive","Citation 2"]],"meta":{"created":"2019-07-03T05:52:39"},"new":["Article 16 and Article 83(1) thereof,"],"old":["Article 83(1) thereof,"],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"34","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-35","location":[["Proposal for a directive","Recital 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:39"},"new":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States, the","Commission, Eurojust, Europol and the","European Network and Information","Security Agency (ENISA), to enable a","common and comprehensive EU","approach."],"old":["(1) The objective of this Directive is to","approximate rules on criminal law in the","Member States in the area of attacks","against information systems, and improve","cooperation between judicial and other","competent authorities, including the police","and other specialised law enforcement","services of the Member States."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"35","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-36","location":[["Proposal for a directive","Recital 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:40"},"new":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace","both in the EU and globally, and there is","increasing concern about the potential for","terrorist or politically motivated attacks","against information systems which form","part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of the","European Union and improved","cooperation and coordination at","international level."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"36","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-37","location":[[" Proposal for a directive","Recital 2"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:40"},"new":["(2) Attacks against information systems, at","least those linked to organised crime, are a","growing menace, and there is increasing","concern about the potential for terrorist","attacks against information systems which","form part of the critical infrastructure of","Member States and the Union. This","constitutes a threat to the achievement of a","safer information society and an area of","freedom, security and justice, and therefore","requires a response at the level of the","European Union."],"old":["(2) Attacks against information systems, in","particular as a result of the threat from","organised crime, are a growing menace,","and there is increasing concern about the","potential for terrorist or politically","motivated attacks against information","systems which form part of the critical","infrastructure of Member States and the","Union. This constitutes a threat to the","achievement of a safer information society","and an area of freedom, security and","justice, and therefore requires a response at","the level of the European Union."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"37","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-38","location":[["Proposal for a directive","Recital 3"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:40"},"new":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber attacks","of various types, such as \u2018botnet\u2019","networks, in which a large number of","information systems are infected via a","computer program so that they can be","controlled and used to commit large-scale","cyber attacks."],"old":["(3) There is evidence of a tendency","towards increasingly dangerous and","recurrent large scale attacks conducted","against information systems which are","critical to states or to particular functions in","the public or private sector. This tendency","is accompanied by the development of","increasingly sophisticated tools that can be","used by criminals to launch cyber-attacks","of various types."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"38","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-39","location":[["Proposal for a directive","Recital 6"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:40"},"new":["(6) Member States should provide for","response and prevention mechanisms and","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"39","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Mulder","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-40","location":[[" Proposal for a directive","Recital 6"]],"meps":[1965],"meta":{"created":"2019-07-03T05:52:40"},"new":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive and could","include imprisonment and/or financial","penalties."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"40","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-41","location":[[" Proposal for a directive","Recital 6"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:40"},"new":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be proportionate."],"old":["(6) Member States should provide for","penalties in respect of attacks against","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"41","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marian-Jean Marinescu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-42","location":[[" Proposal for a directive","Recital 6"]],"meps":[33982],"meta":{"created":"2019-07-03T05:52:40"},"new":["(6) Member States should provide for","effective measures to prevent attacks","against information systems and penalties","in respect of attacks against information","systems. Member States and the Union","should ensure a comprehensive","framework dealing with prevention,","teaching of personal cyber security to","citizens as part of all digital literacy","curriculum. The penalties provided for","should be effective, proportionate and","dissuasive."],"old":["(6) Member States should provide for","penalties in respect of attacks against","","information systems. The penalties","provided for should be effective,","proportionate and dissuasive."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"42","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Axel Voss","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-43","justification":"The definition of \u2018minor\u2019 cases should be included in Article 2. However, since a \u2018minor case\u2019\nis such an imprecise legal concept, further elucidation is also required in the recitals, and can\ngive some indication of the scope of the directive for legal purposes.","location":[["Proposal for a directive","Recital 7 a (new)"]],"meps":[96761],"meta":{"created":"2019-07-03T05:52:40"},"new":["(7a) There should be no mandatory","requirement to impose a penalty in cases","deemed to be \u2018minor\u2019. A case may be","considered as \u2018minor\u2019, for example, when","the damage caused by the offence, and/or","the risk it carries to public or private","interests, such as to the integrity of an","information system or computer data, or","to a person's integrity, rights and other","interests, is insignificant or is of such a","nature that the imposition of a criminal","penalty within the legal threshold or the","imposition of criminal liability is not","necessary;"],"orig_lang":"de","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"43","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-44","location":[[" Proposal for a directive","Recital 7"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:40"},"new":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, such","as via a \u2018botnet\u2019 network, or when an","offence is committed by concealing the","real identity of the perpetrator and causing","prejudice to the rightful identity owner. It","is also appropriate to provide for more","severe penalties where such an attack has","caused serious damage or has affected","critical infrastructure or essential","interests."],"old":["(7) It is appropriate to provide for more","severe penalties when an attack against an","information system is committed by a","criminal organisation, as defined in","Council Framework Decision","2008/841/JHA of 24 October 2008 on the","fight against organised crime, when the","attack is conducted on a large scale, or","when an offence is committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner. It is also","appropriate to provide for more severe","penalties where such an attack has caused","serious damage or has affected essential","interests."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"44","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-45","justification":"This AM ensures whistleblower protection, which according to the IT security experts is a\nvital function of how the global IT immune system works. The rapporteur proposes to de-\ncriminalise access 'in accordance with law' instead of 'authorised', which goes into the right\ndirection but this directive is the law that should clearly spell out what is allowed and what\nnot. The last part of the sentence is based on the rapporteur\u2019s AM 7","location":[[" Proposal for a directive","Recital 10"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:41"},"new":["(10) This Directive does not intend to","impose criminal liability where the","offences are committed without criminal","intent, such as for testing or protection of","information systems, provided that the","operator or vendor of the system is fully","informed of the vulnerability in a timely","manner, or where the withholding of an","authorisation for access to a system","constitutes an abuse of rights by itself."],"old":["(10) This Directive does not intend to","impose criminal liability where the","offences are committed without criminal","intent, such as for authorised testing or","protection of information systems."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"45","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-46","location":[["Proposal for a directive","Recital 10"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:41"},"new":["(10) This Directive does not cover action","taken to ensure the security of","information systems, e.g. the ability of an","information system to resist criminal acts","as defined in this Directive, or to make","available tools used or intended to be used","to enhance that ability. It also does not","seek to impose criminal liability if the","objective criteria used to define the crimes","listed in this Directive have been met, but","the act was committed without criminal","intent."],"old":["(10) This Directive does not intend to","impose criminal liability where the","offences are committed without criminal","intent, such as for authorised testing or","protection of information systems."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"46","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-47","location":[["Proposal for a directive","Recital 10"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:41"},"new":["(10) This Directive does not intend to","impose criminal liability where the","objective criteria of the crimes listed in","this Directive are met but the offences are","committed without criminal intent, such as","for testing in accordance with law or","protection of information systems, or","where the withholding of an authorisation","for access to a system constitutes an abuse","of rights by itself."],"old":["(10) This Directive does not intend to","impose criminal liability where the","offences are committed without criminal","","intent, such as for authorised testing or","protection of information systems."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"47","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-48","location":[[" Proposal for a directive","Recital 11"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:41"},"new":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe\u2019s network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, including as","regards restoring information system","functionality, the preservation of data in","conformity with personal data protection","principles, the collection of evidence, the","provision of legal information, and the","locating and identification of suspects."],"old":["(11) This Directive strengthens the","importance of networks, such as the G8 or","the Council of Europe's network of points","of contact available on a twenty-four hour,","seven-day-a-week basis to exchange","information in order to ensure the","provision of immediate assistance for the","purpose of investigations or proceedings","concerning criminal offences related to","information systems and data, or for the","collection of evidence in electronic form of","a criminal offence. Given the speed with","which large-scale attacks can be carried","out, Member States should be able to","respond promptly to urgent requests from","this network of contact points. Such","assistance should include facilitating, or","directly carrying out, measures such as: the","provision of technical advice, the","preservation of data, the collection of","evidence, the provision of legal","information, and the locating of suspects."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"48","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Rolandas Paksas","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-49","location":[["Proposal for a directive","Recital 12"]],"meps":[96694],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. Because not all the Member","States collect information concerning","attacks against information systems, little","is known about such attacks. Because the","methods used to collect statistics differ,","the Member States which do collect them","cannot compare them. The data will","moreover help specialised agencies such as","Europol and the European Network and","Information Security Agency to better","assess the extent of cybercrime and the","state of network and information security","in Europe."],"old":["(12) There is a need to collect data on","offences under this Directive, in order to","gain a more complete picture of the","problem at Union level and thereby","contribute to formulating more effective","responses. The data will moreover help","specialised agencies such as Europol and","the European Network and Information","Security Agency to better assess the extent","of cybercrime and the state of network and","information security in Europe."],"orig_lang":"lt","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"49","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-50","location":[["Proposal for a directive","Recital 12 a (new)"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12a) It is also necessary to foster and","improve cooperation between service","providers, producers, law enforcement","authorities and judicial authorities, while","fully respecting the rule of law, especially","as regards legal certainty and","foreseeability, as well as the rights of","suspected and accused persons such as","the presumption of innocence and judicial","redress. That cooperation should include,","for example, providing support to service","providers for shutting down, completely or","partially, illegal systems or functions, in","accordance with the legislation in force."],"old":[""],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"50","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-51","justification":" This is AM 9 from the rapporteur with incentives and liabilities added. If there is only work\n on standards without any enforcement and incentives, we will be in the same situation as\n before. Vendors and operators of IT systems who grossly violate state of the art security\n techniques or refuse fixing known vulnerabilities should be held liable for this, including\n\ncriminal liability in severe cases.","location":[[" Proposal for a directive","Recital 12 a (new)"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12a) In order to fight cybercrime","effectively, it is also necessary to increase","the resilience of information systems by","protecting them more effectively against","attacks and setting the right incentives for","this. In this respect, the establishment of","minimum standards and of liability for","vendors and operators for the adequate","protection of information systems should","play a central role. Therefore, the Union","and the Member States' fight against","cybercrime will have an impact, only if","this Directive is accompanied by","preventive measures against such","offences adopted in accordance with","Article 67(3) and Article 84 of the Treaty","of the Functioning of the European","Union."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"51","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-52","justification":"This amendment is based on Amendment 10 by Ms Hohlmeier, with certain changes.","location":[["Proposal for a directive","Recital 12 a (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12a) Member States should regard the","protection of their information systems","and the data they contain as part of their","duty of care. Reasonable levels of","protection should be provided against","reasonably identifiable threats and areas","of vulnerability. The costs and charges","linked to this protection should reflect the","harm which a cyber attack would cause to","the persons concerned."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"52","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-53","location":[["Proposal for a directive","Recital 12 a (new)"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12a) Member States should consider the","protection of their information systems","and associated data as part of their","respective duty of care. Appropriate levels","of protection should be provided against","reasonably identifiable threats. The cost","and burden of such protection should be","proportionate to the likely damage to","those affected."],"old":["",""],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"53","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-54","location":[[" Proposal for a directive","Recital 12 b (new)"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12b) The European Union and Member","States should pay due regard to the","protection of their information systems","and associated data and provide a high","level of protection against identifiable","threats and vulnerabilities. The cost and","burden of such protection should be","proportionate to the potential damage to","those affected by cyber attacks."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"54","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-55","justification":"This is AM 10 from the rapporteur with 'duty of care' deleted and vulnerabilities added.\nThreats are very difficult to identify and could come from anywhere, therefore protection has\nto focus on vulnerabilities.","location":[[" Proposal for a directive","Recital 12 b (new)"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12b) Member States should consider the","protection of their information systems","and associated data. Reasonable levels of","protection should be provided against","reasonably identifiable threats and","vulnerabilities. The cost and burden of","such protection should be proportionate to","the likely damage to those affected."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"55","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-56","justification":"This amendment is based on Amendment 11 by Ms Hohlmeier, with certain changes.","location":[["Proposal for a directive","Recital 12 b (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12b) Member States should also take","appropriate steps to oblige legal persons","who operate of supply information","systems on their territory to protect","personal data in their care against","offences referred to in this Directive.","Legal persons should provide reasonable","levels of protection against reasonably","identifiable threats and areas of","vulnerability. Member States should","ensure that a legal person who has failed","to provide a reasonable level of protection","is liable to criminal prosecution for","negligence and to severe penalties if the","damage suffered as a result of that failure","is considerable."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"56","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-57","justification":" By dealing with personal data legal persons carry the responsibility of protecting this data at\n an adequate level in view of reasonably identifiable threats. This is already envisaged in\n Directive 2002/58/ EC on e-privacy, in Directive 95/46/EC on data protection and the\n proposal on a General Data Protection Regulation COM(2012) 11 final (among others, art.\n 22, 30). If they fail to provide this level of protection, Member States should ensure that it is\n possible to prosecute this legal person.","location":[["Proposal for a directive","Recital 12 b (new)"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12b) Member States should also take","appropriate steps to oblige legal persons","within their jurisdictions to protect","personal data in their care from offences","referred to in this Directive, as already","envisaged by EU law on","telecommunications and data protection.","Appropriate levels of protection should be","provided by legal persons against","reasonably identifiable threats in","accordance with the state of the art for","specific sectors and the specific data","processing situations. The cost and","burden of such protection should be","proportionate to the likely damage to","those affected. Where a legal person has","clearly failed to provide an appropriate","level of protection, and where the damage","caused as a result of such failure is","considerable, Member States should","ensure that it is possible to prosecute that","legal person."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"57","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-58","location":[[" Proposal for a directive","Recital 12 c (new)"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:41"},"new":["(12c) The European Network and","Information Security Agency (ENISA)","should play a key role in providing the","Member States and EU institutions and","bodies with technical expertise in the field","of preventing and combating cyber","attacks, in line with its mandate. In this","connection, ENISA should advise the","Member States on the establishing and","operation of national contact points and","Computer Emergency Response Teams","(CERTs). ENISA should also be","forwarded statistical data by the Member","States on offences under this Directive","and, on the basis of this and other","relevant information, should draw up","reports and recommendations on the state","of information system and computer data","security."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"58","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-59","justification":" This amendment is based on Amendment 12 by Ms Hohlmeier, with changes at the end. It also\n reiterates certain principles.","location":[["Proposal for a directive","Recital 12 c (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12c) It is also necessary to foster and","improve cooperation between service","providers, producers and law-enforcement","bodies, whilst fully respecting the rule of","law, especially as regards legal certainty","and the rights of suspects and accused","persons, such as the presumption of","innocence and the right to seek legal","redress. It is also necessary that in a","constitutional state the persons","responsible for enforcing the law should","respect the rule of law."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"59","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-60","justification":" This AM adds vulnerabilities and replaces 'data in their care', which would only address\n operators, with 'who operate or provide IT systems' in order to also address vendors. It\n deletes 'personal', because for this directive, it is not just personal data that should be\n protected, but all data and adds 'negligence' and 'deterrent sanctions' for cases where a\n failure to provide reasonable protection has caused considerable damage. This would\n overcome the current 'as is' software licenses that free the vendor from all liabilities.","location":[[" Proposal for a directive","Recital 12 c (new)"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12c) Member States should also take","appropriate steps to oblige legal persons","within their jurisdictions who operate or","provide IT systems to protect from","offences referred to in this Directive.","Reasonable levels of protection should be","provided by legal persons against","reasonably identifiable threats and","vulnerabilities. Such protection should be","proportionate to the likely damage to","those affected. Where a legal person has","clearly failed to provide a reasonable level","of protection, and where the damage","caused as a result of such failure is","considerable, Member States should","ensure that it is possible to impose","deterrent sanctions and to prosecute this","legal person for negligence."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"60","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-61","justification":"The cooperation between service the private and the public sector is essential in order to\neffectively fight against cyber attacks.","location":[["Proposal for a directive","Recital 12 c (new)"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12c) It is also necessary to foster and","improve cooperation between service","providers, producers, law enforcement","bodies and judicial authorities, while fully","respecting the rule of law, especially as","regards legal certainty and foreseeability,","as well as the rights of suspected and","accused persons such as the presumption","of innocence and judicial redress. This","should include, for example, support by","service providers in helping to preserve","potential evidence, in providing elements","helping to identify perpetrators and, as","last resort, to shut down illegal systems or","functions."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"61","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-62","justification":" This amendment is based on Amendment 13 by Ms Hohlmeier, with changes at the end to\n make the new provision more binding.","location":[["Proposal for a directive","Recital 12 d (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12d) Without prejudice to voluntary","cooperation between legal persons, such","as service providers and producers, on the","one hand, and law-enforcement bodies","and judicial authorities, on the other,","Member States should define the cases in","which the failure to act can in itself","constitute criminal behaviour."],"old":[""],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"62","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-63","justification":" This is AM 12 from the rapporteur with the last sentence deleted. Shutting down of (allegedly)\n 'illegal systems' is a very risky business that currently very often is done without proper rule\n of law procedures and therefore introduces 'privatised policing'. This aspect should be\n addressed in the context of the upcoming initiative from the Commission on notice &\n takedown (announced for 2012 in the Commission work programme).","location":[[" Proposal for a directive","Recital 12 d (new)"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12d) It is also necessary to foster and","improve cooperation between service","providers, producers, law enforcement","bodies and judicial authorities, while fully","respecting the rule of law, especially as","regards legal certainty and foreseeability,","as well as the rights of suspected and","accused persons such as the presumption","of innocence and judicial redress."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"63","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-64","location":[["Proposal for a directive","Recital 12 e (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:42"},"new":["(12e) In order to fight cybercrime","effectively, it is also necessary to increase","the resilience of information systems by","taking appropriate measures to protect","them more effectively against attacks. In","that connection, the introduction of","minimum standards and of the principle","of the criminal liability of operators and","producers in respect of the appropriate","protection of information systems is","fundamental. For this reason, the Union's","and the Member State' fight against","cybercrime will be effective only if this","Directive is accompanied by preventive","measures to combat such offences","adopted in accordance with Articles 67(3)","and 84 of the Treaty on the Functioning","of the European Union."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"64","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-65","location":[["Proposal for a directive","Recital 13"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:42"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems may hamper","the fight against organised crime and","terrorism, and may complicate effective","police and judicial cooperation in this area.","The transnational and borderless nature of","modern information systems means that","attacks against such systems have a","cross-border dimension, thus underlining","the urgent need for further action to","approximate criminal legislation in this","area. Besides that, the coordination of","prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings. The European","Union should also seek to improve","international cooperation on information","system, computer network and computer","data security, and ensure that","consideration is given, in any","international agreement involving the","exchange of data, to the security of data","transfer and storage."],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a cross-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"65","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Tiziano Motti","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-66","location":[[" Proposal for a directive","Recital 13"]],"meps":[96760],"meta":{"created":"2019-07-03T05:52:42"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings. There is, moreover,","an urgent need to carry into effect the","European Parliament declaration of","23 June 2010 on setting up a European","early warning system (EWS) for","paedophiles and sex offenders1;","_______________","1","OJ C 236 E, 12.8.2011, p.152"],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings.",""],"orig_lang":"it","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"66","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Rolandas Paksas","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-67","location":[["Proposal for a directive","Recital 13"]],"meps":[96694],"meta":{"created":"2019-07-03T05:52:42"},"new":["(13) Significant gaps and differences in","Member States\u2019 laws and criminal law","procedures and systems in the area of","attacks against information systems area","may hamper the fight against organised","crime and terrorism, and may complicate","effective international police and judicial","cooperation in this area, since widely","differing measures may be employed to","combat such crimes. The transnational and","borderless nature of modern information","systems means that attacks against such","systems have a trans-border dimension,","thus underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"old":["(13) Significant gaps and differences in","Member States\u2019 laws in the area of attacks","against information systems area may","hamper the fight against organised crime","and terrorism, and may complicate","effective police and judicial cooperation in","this area. The transnational and borderless","nature of modern information systems","means that attacks against such systems","have a trans-border dimension, thus","underlining the urgent need for further","action to approximate criminal legislation","in this area. Besides that, the coordination","of prosecution of cases of attacks against","information systems should be facilitated","by the adoption of Council Framework","Decision 2009/948/JHA on prevention and","settlement of conflict of jurisdiction in","criminal proceedings."],"orig_lang":"lt","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"67","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-68","location":[[" Proposal for a directive","Recital 14"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:42"},"new":["(14) Since the objectives of this Directive,","i.e. ensuring that attacks against","information systems, at least when they","are perpetrated with criminal intent, are","punished in all Member States by","proportionate criminal penalties and","improving and encouraging judicial","cooperation, cannot be sufficiently","achieved by the Member States, as rules","have to be common and compatible, and","can therefore be better achieved at the level","of the Union, the Union may adopt","measures in accordance with the principle","of subsidiarity as set out in Article 5 of the","Treaty on European Union. This Directive","does not go beyond what is necessary in","order to achieve those objectives."],"old":["(14) Since the objectives of this Directive,","i.e. ensuring that attacks against","information systems are punished in all","Member States by effective, proportionate","and dissuasive criminal penalties and","improving and encouraging judicial","cooperation by removing potential","complications, cannot be sufficiently","achieved by the Member States, as rules","have to be common and compatible, and","can therefore be better achieved at the level","of the Union, the Union may adopt","measures in accordance with the principle","of subsidiarity as set out in Article 5 of the","Treaty on European Union. This Directive","does not go beyond what is necessary in","order to achieve those objectives."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"68","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-69","location":[[" Proposal for a directive","Recital 15"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:42"},"new":["(15) Any personal data processed in the","context of the implementation of this","Directive should be protected in","accordance with the rules laid down in the","Council Framework Decision","2008/977/JHA of 27 November 2008 on","the protection of personal data processed in","the framework of police and judicial","cooperation in criminal matters with regard","to those processing activities which fall","within its scope and Regulation (EC) No.","45/2001 of the European Parliament and","the Council of 18 December 2000 on the","protection of individuals with regard to the","processing of personal data by the","Community institutions and bodies and on","the free movement of such data. This","Directive should also be consistent with","Directive 95/46/EC1 and the Council of","Europe Convention for the Protection of","Individuals with regard to Automatic","Processing of Personal Data of","28 January 1981; it should also take","account of two recommendations of the","Committee of Ministers of the Council of","Europe, No R(87)15 regulating the use of","personal data in the police sector and","No R(95)4 on the protection of personal","data in the area of telecommunication","services, with particular reference to","telephone services.","_________________","1","Directive 95/46/EC of the European","Parliament and of the Council of","24.10.1995 on the protection of","individuals with regard to the processing","of personal data and on the free","movement of such data (OJ L 281,","23.11.1995, p. 31)."],"old":["(15) Any personal data processed in the","context of the implementation of this","Directive should be protected in","accordance with the rules laid down in the","Council Framework Decision","2008/977/JHA of 27 November 2008 on","the protection of personal data processed in","the framework of police and judicial","cooperation in criminal matters with regard","to those processing activities which fall","","within its scope and Regulation (EC) No.","45/2001 of the European Parliament and","the Council of 18 December 2000 on the","protection of individuals with regard to the","processing of personal data by the","Community institutions and bodies and on","the free movement of such data."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"69","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-70","location":[["Proposal for a directive","Recital 16"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:42"},"new":["(16) This Directive should respect","fundamental freedoms and rights and","observe the principles recognised in","particular by the Charter of Fundamental","Rights of the European Union and the","European Convention for the Protection","of Human Rights and Fundamental","Freedoms, including the protection of","personal data, the right to privacy, freedom","of expression and information, the right to","a fair trial, presumption of innocence and","the rights of the defence, as well as the","principles of legality and proportionality of","criminal offences and penalties. This","Directive must ensure full respect for these","rights and principles and should be","implemented accordingly."],"old":["(16) This Directive respects the","fundamental rights and observes the","principles recognised in particular by the","Charter of Fundamental Rights of the","European Union, including the protection","","of personal data, freedom of expression","and information, the right to a fair trial,","presumption of innocence and the rights of","the defence, as well as the principles of","legality and proportionality of criminal","offences and penalties. In particular, this","Directive seeks to ensure full respect for","these rights and principles and must be","implemented accordingly."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"70","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-71","location":[[" Proposal for a directive","Recital 16 a (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:42"},"new":["(16a) This Directive is not intended to be","applied by the Member States in a manner","which is not consistent with Articles 2 and","3(1) and (2) of the Treaty on European","Union, which lay down principles which","must apply to cyberspace and the fight","against cybercrime. Its application must","not undermine the principle of internet","neutrality."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"71","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-72","location":[[" Proposal for a directive","Article 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:42"},"new":["This Directive defines criminal offences in","the area of attacks against information","systems and establishes minimum rules","concerning penalties for such offences. It","also aims to introduce common provisions","both to prevent and combat such attacks","and to improve European cooperation in","this field, particularly as regards criminal","justice."],"old":["This Directive defines criminal offences in","","the area of attacks against information","systems and establishes minimum rules","concerning penalties for such offences. It","also aims to introduce common provisions","to prevent such attacks and improve","European criminal justice cooperation in","this field."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"72","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-73","location":[["Proposal for a directive","Article 1"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:42"},"new":["This Directive defines criminal offences in","the area of attacks against information","systems and establishes minimum rules","concerning penalties for such offences. It","also aims to introduce common provisions","to prevent such attacks and improve","European criminal justice cooperation in","this field. It also aims to encourage the","production of ever more secure IT tools","and the installation of ever more secure","IT systems."],"old":["This Directive defines criminal offences in","the area of attacks against information","systems and establishes minimum rules","concerning penalties for such offences. It","also aims to introduce common provisions","to prevent such attacks and improve","European criminal justice cooperation in","this field."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"73","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-74","location":[["Proposal for a directive","Article 2 \u2013 point c"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:42"},"new":["(c) \"legal person\" means any entity having","such status under the applicable law;"],"old":["(c) \"legal person\" means any entity having","such status under the applicable law,","except for States or other public bodies in","","the exercise of State authority and for","public international organisations;"],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"74","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-75","location":[[" Proposal for a directive","Article 2 \u2013 point c"]],"meta":{"created":"2019-07-03T05:52:42"},"new":["(c) \u2018legal person\u2019 means any entity having","such status under the applicable law"],"old":["(c) \u2018legal person\u2019 means any entity having","such status under the applicable law,","except for States or other public bodies in","the exercise of State authority and for","public international organisations;"],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"75","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-76","justification":"We don't want state hacking be legalised, as it would violate the 'basic right to the integrity\nand confidentiality of information technical systems' as determined by the German\nConstitutional Court.","location":[[" Proposal for a directive","Article 2 \u2013 point c"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:43"},"new":["(c) \u2018legal person\u2019 means any entity having","such status under the applicable law,","except for States or other public bodies in","the exercise of State authority and for","public international organisations, which","does not imply that States or other public","bodies should be able to attack","information systems without a legal basis","and full respect for fundamental rights."],"old":["(c) \u2018legal person\u2019 means any entity having","such status under the applicable law,","except for States or other public bodies in","the exercise of State authority and for","public international organisations;"],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"76","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-77","location":[["Proposal for a directive","Article 2 \u2013 point d"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:43"},"new":["(d) \"without right\" means access, use or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national or","European legislation."],"old":["(d) \"without right\" means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"77","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-78","justification":"This is based on AM 17 from the rapporteur, with 'use' deleted (too broad, includes anything).\n\n We also propose to clarify 'or not permitted under national legislation', to make sure it is read\n as an exception clause, not as an option for member states to widen the scope of the directive.","location":[["Proposal for a directive","Article 2 \u2013 point d"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:43"},"new":["(d) \"without right\" means access, or","interference not authorised by the owner,","other right holder of the system or of part","of it unless the withholding of such","authorisation constitutes an abuse of","rights by itself, or unless such access or","interference is permitted under national","legislation;"],"old":["(d) \u2018without right\u2019 means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"78","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-79","location":[[" Proposal for a directive","Article 2 \u2013 point d"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:43"},"new":["(d) \u2018without right\u2019 means access, use, or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"old":["(d) \u2018without right\u2019 means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"79","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-80","location":[[" Proposal for a directive","Article 2 \u2013 point d"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:43"},"new":["(d) \"without right\" means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, unless the denial of such","authorisation in itself constitutes an abuse","of the law or unless such access or","interference is permitted under national","legislation."],"old":["(d) \"without right\" means access or","interference not authorised by the owner,","other right holder of the system or of part","of it, or not permitted under national","legislation."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"80","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Axel Voss","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-81","justification":"Since \u2018minor\u2019 cases are an integral part of this directive, Article 2 should contain a\nreasonably precise definition of such cases.","location":[["Proposal for a directive","Article 2 \u2013 point d a (new)"]],"meps":[96761],"meta":{"created":"2019-07-03T05:52:43"},"new":["(da) \u2018minor case\u2019 means a case where the","offence itself is deemed to be minor, there","is no pressing need to prosecute in the","public interest and the consequences of","the offence are negligible;"],"orig_lang":"de","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"81","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Axel Voss","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-82","justification":"The meaning of \u2018interception\u2019 should be precisely defined.","location":[["Proposal for a directive","Article 2 \u2013 point d b (new)"]],"meps":[96761],"meta":{"created":"2019-07-03T05:52:43"},"new":["(db) \u2018interception\u2019 means listening to,","monitoring or surveillance of the content","of communications and the procuring of","the content of data either directly or","indirectly through the use of electronic","eavesdropping or tapping devices by","technical means."],"orig_lang":"de","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"82","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-83","location":[[" Proposal for a directive","Article 2 a (new)"]],"meta":{"created":"2019-07-03T05:52:43"},"new":["Article 2a","Preventive measures","1. Member States shall in cooperation","with the European Network and","Information Security Agency promote","good practices in relation to security of","data processing and support cooperation","between public and private stakeholders","by facilitating information sharing,","awareness raising and dialogue on","network and information security,","including aspects of the fight against","cybercrime.","2. Member States shall ensure that in the","case of a personal data breach, the data","controller and the data processor notify","without undue delay and, as a rule, not","later than 24 hours after the personal data","breach has been established, the personal","data breach to the competent national","authority in line with Article 4 of","Directive 2002/58/EC as amended by","Directives 2006/24/EC and 2009/136/EC","(e-privacy Directive).","3. Member States shall take the necessary","measures to protect critical infrastructure","from cyber attacks and provide for means","to hermetically cut off access to a critical","infrastructure in case a direct cyber attack","severely threatens its proper functioning."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"83","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-84","location":[[" Proposal for a directive","Article 3"]],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","access without right \u2013 meaning entering","the whole or any part of an information","system \u2013 is punishable as a criminal","offence, at least for cases which are not","minor.","Each Member State shall decide that the","conduct referred to in paragraph 1 is","incriminated only where the offence is","committed by infringing an effective","security measure."],"old":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","which are not minor."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"84","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-85","location":[["Proposal for a directive","Article 3"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","which involve criminal intent and which","have serious and damaging consequences","for the existence and functioning of the","information system or systems concerned.","The actions referred to in the first","subparagraph shall only be regarded as a","criminal offence if a security measure has","been breached and if the operator or","provider of the system was not informed","comprehensively and in good time of the","vulnerability of the information system."],"old":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","which are not minor."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"85","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-86","justification":" This is based on AM 20 from the rapporteur, with two changes: 1) It does not leave it to the\n member states to introduce the threshold of infringing a security measure, which ensures that\n e.g. using your neighbour's public and open wifi does not constitute a crime. 2) It adds\n 'provided that the operator or vendor of the system is not informed of the vulnerability\n afterwards'. This is taken from our AM on whistleblower protection.","location":[[" Proposal for a directive","Article 3"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","access without right -meaning entering to","the whole or any part of an information","system- is punishable as a criminal offence,","at least for cases which are not minor. The","conduct referred to in paragraph 1 shall","be incriminated only where the offence is","committed by infringing a security","measure and provided that the operator or","vendor of the system is not fully informed","of the vulnerability in a timely manner."],"old":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","which are not minor."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"86","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Monika Hohlmeier","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-87","location":[[" Proposal for a directive","Article 3"]],"meps":[96780],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","access \u2013 meaning entering the whole or","any part of an information system \u2013","without right is punishable as a criminal","offence, at least for cases which are not","minor.","Each Member State may decide that the","conduct referred to in paragraph 1 is","incriminated only where the offence is","committed by infringing a security","measure."],"old":["Member States shall take the necessary","measures to ensure that the intentional","access without right to the whole or any","part of an information system is punishable","as a criminal offence, at least for cases","","which are not minor."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"87","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-88","location":[["Proposal for a directive","Article 4"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","serious hindering or interruption of the","functioning of an information system by","inputting, transmitting, damaging, deleting,","deteriorating, altering, suppressing or","rendering inaccessible computer data is","punishable as a criminal offence when","committed without right, at least for cases","which involve criminal intent and which","have serious and damaging consequences","for the existence and functioning of the","information system or systems concerned."],"old":["Member States shall take the necessary","measures to ensure that the intentional","serious hindering or interruption of the","functioning of an information system by","inputting, transmitting, damaging, deleting,","deteriorating, altering, suppressing or","rendering inaccessible computer data is","punishable as a criminal offence when","committed without right, at least for cases","which are not minor."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"88","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-89","location":[["Proposal for a directive","Article 5"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","deletion, damaging, deterioration,","alteration, suppression or rendering","inaccessible of computer data on an","information system is punishable as a","criminal offence when committed without","right, at least for cases which involve","criminal intent and which have serious","and damaging consequences for the","existence and functioning of the","information system or systems concerned."],"old":["Member States shall take the necessary","measures to ensure that the intentional","","deletion, damaging, deterioration,","alteration, suppression or rendering","inaccessible of computer data on an","information system is punishable as a","criminal offence when committed without","right, at least for cases which are not","minor."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"89","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Axel Voss","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-90","location":[[" Proposal for a directive","Article 6"]],"meps":[96761],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","interception by technical means, of non-","public transmissions of computer data to,","from or within a information system,","including electromagnetic emissions from","an information system carrying such","computer data, is punishable as a criminal","offence when committed without right, at","least in cases which are not minor.","Interception may also involve recording.","Data transmissions comprise the period","taken to transfer the data, by cable or by","wireless, between the time it is transmitted","by the sender and the time it reaches the","recipient. Technical means include","technical devices fixed to transmission","lines as well as devices to collect and","record wireless communications,","including the use of software, passwords","and codes."],"old":["Member States shall take the necessary","measures to ensure that the intentional","interception by technical means, of non-","public transmissions of computer data to,","from or within a information system,","including electromagnetic emissions from","an information system carrying such","computer data, is punishable as a criminal","offence when committed without right."],"orig_lang":"de","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"90","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-91","location":[["Proposal for a directive","Article 6"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:43"},"new":["In accordance with Article 8 of the","European Convention for the Protection","of Human Rights and Fundamental","Freedoms and with the Charter of","Fundamental Rights, Member States shall","take the necessary measures to ensure that","the interception by technical means, of","non-public transmissions of computer data","to, from or within a information system,","including electromagnetic emissions from","an information system carrying such","computer data, is punishable as a criminal","offence when committed intentionally and","without right, at least for cases which","involve criminal intent and which have","serious and damaging consequences for","the existence and functioning of the","information system or systems concerned."],"old":["Member States shall take the necessary","measures to ensure that the intentional","interception by technical means, of non-","public transmissions of computer data to,","from or within a information system,","including electromagnetic emissions from","an information system carrying such","computer data, is punishable as a criminal","offence when committed without right."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"91","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-92","location":[["Proposal for a directive","Article 6 \u2013 paragraph 1"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:43"},"new":["Member States shall take the necessary","measures to ensure that the intentional","interception by technical means, of non-","public transmissions of computer data to,","from or within a information system,","including electromagnetic emissions from","an information system carrying such","computer data, is punishable as a criminal","offence when committed without right, at","least for cases which are not minor."],"old":["Member States shall take the necessary","measures to ensure that the intentional","interception by technical means, of non-","public transmissions of computer data to,","from or within a information system,","including electromagnetic emissions from","an information system carrying such","","computer data, is punishable as a criminal","offence when committed without right."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"92","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-93","justification":" So-called 'hacker tools' are inherently dual-use, and they are crucially needed for security\n testing. If we want to have the whistleblower protection, we also have to legalise their\n possession and distribution. Passwords and access codes should not be regarded as hacker\n tools. If they get lost, the operator should immediately improve his security measures and set\n up new passwords, just as people do when they lose their keys.","location":[[" Proposal for a directive","Article 7 \u2013 introductory part"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:43"},"new":["deleted"],"old":["Member States shall take the necessary","measure to ensure that the production,","sale, procurement for use, import,","possession, distribution or otherwise","making available of the following is","punishable as a criminal offence when","committed intentionally and without right","for the purpose of committing any of the","offences referred to in Articles 3 to 6:","(a) device, including a computer program,","designed or adapted primarily for the","purpose of committing any of the offences","referred to in Articles 3 to 6;","(b) a computer password, access code, or","similar data by which the whole or any","part of an information system is capable","of being accessed."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"93","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-94","location":[["Proposal for a directive","Article 7 \u2013 point a"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["(a) device, including a computer program","but excluding a computer itself, designed","or adapted primarily for the purpose of","committing any of the offences referred to","in Articles 3 to 6;"],"old":["(a) device, including a computer program,","designed or adapted primarily for the","purpose of committing any of the offences","referred to in Articles 3 to 6;"],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"94","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-95","location":[["Proposal for a directive","Article 7 \u2013 point b"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["deleted"],"old":["(b) a computer password, access code, or","similar data by which the whole or any","part of an information system is capable","of being accessed."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"95","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-96","justification":" We risk criminalising whistleblowers if publication of vulnerabilities (in cases where vendors\n or operators do not react) is considered as instigation, aiding or abetting. The paragraph\n also would move criminalisation far into the area before a crime is actually committed. It\n would be especially unproportionate to do this considering the safeguards we propose for\n minor offences etc.","location":[["Proposal for a directive","Article 8"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:44"},"new":["deleted"],"old":["Instigation, aiding, abetting and attempt","1. Member States shall ensure that the","instigation, aiding and abetting of an","offence referred to in Articles 3 to 7 is","","","punishable as a criminal offence.","2. Member States shall ensure that the","attempt to commit the offences referred to","in Articles 3 to 6 is punishable as a","criminal offence."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"96","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-97","location":[[" Proposal for a directive","Article 8 \u2013 paragraph 1"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["deleted"],"old":["1. Member States shall ensure that the","instigation, aiding and abetting of an","offence referred to in Articles 3 to 7 is","punishable as a criminal offence."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"97","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-98","location":[[" Proposal for a directive","Article 8 a (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["Article 8a","Manufacturers\u2019 liability","Member States shall take the measures","required to ensure that manufacturers are","held criminally liable in connection with","the production, placing on the market,","marketing, operation and non-compliance","with security standards of products and","systems which are defective or which have","proven security problems, thus making","cyber attacks or data loss more likely."],"old":[""],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"98","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Mulder","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-99","location":[["Proposal for a directive","Article 9 \u2013 paragraph 1"]],"meps":[1965],"meta":{"created":"2019-07-03T05:52:44"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by effective, proportional and dissuasive","criminal penalties, including the","imposition of adequate fines."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by effective, proportional and dissuasive","criminal penalties."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"99","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-100","justification":" Some terms should be deleted, since they relate to the enforcement, and not the substance, of\n the law.","location":[["Proposal for a directive","Article 9 \u2013 paragraph 1"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:44"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by proportional criminal penalties."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by effective, proportional and dissuasive","criminal penalties."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"100","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-101","justification":" Logical consequence of deletion of articles 7 and 8","location":[[" Proposal for a directive","Article 9 \u2013 paragraph 1"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:44"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by effective, proportional and dissuasive","criminal penalties."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 8 are punishable","by effective, proportional and dissuasive","criminal penalties."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"101","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Mulder","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-102","location":[[" Proposal for a directive","Article 9 \u2013 paragraph 2"]],"meps":[1965],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least two years","including the imposition of an adequate","fine."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least two years."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"102","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-103","justification":"The original wording is contradictory, and that contradiction should be done away with.\nAttention should be drawn to the principle that the punishment must fit the crime, something\nwhich can only be determined in a court of law, on the basis of an assessment of the facts of\nthe case.","location":[["Proposal for a directive","Article 9 \u2013 paragraph 2"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of two years."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least two years."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"103","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-104","justification":"A deviation from the penalty level contained in articles 6 and 7 of framework decision\n2005/222/JHA on attacks against information systems has not been substantiated.","location":[["Proposal for a directive","Article 9 \u2013 paragraph 2"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least between one","and three years of imprisonment."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least two years."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"104","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-105","location":[[" Proposal for a directive","Article 10"]],"meta":{"created":"2019-07-03T05:52:44"},"new":["deleted"],"old":["Aggravating circumstances","1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are","punishable by criminal penalties of a","maximum term of imprisonment of at","least five years when committed within the","framework of a criminal organization as","defined in Framework Decision","2008/841/JHA.","2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are","punishable by criminal penalties of a","maximum term of imprisonment of at","least five years when committed through","the use of a tool designed to launch","attacks affecting a significant number of","information systems, or attacks causing","considerable damage, such as disrupted","system services, financial cost or loss of","personal data.","3. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are","punishable by criminal penalties of a","maximum term of imprisonment of at","least five years when committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"105","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-106","justification":"The original wording is contradictory, and that contradiction should be done away with.\nAttention should be drawn to the principle that the punishment must fit the crime, something\nwhich can only be determined in a court of law, on the basis of an assessment of the facts of\nthe case.","location":[["Proposal for a directive","Article 10 \u2013 paragraph 1"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of five years when","committed within the framework of a","criminal organisation as defined in","Framework Decision 2008/841/JHA."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed within the framework of a","criminal organization as defined in","Framework Decision 2008/841/JHA."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"106","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-107","justification":" A deviation from the penalty level contained in articles 6 and 7 of framework decision\n 2005/222/JHA on attacks against information systems has not been substantiated.","location":[["Proposal for a directive","Article 10 \u2013 paragraph 1"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:44"},"new":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least between two","and five years when committed within the","framework of a criminal organization as","defined in Framework Decision","2008/841/JHA."],"old":["1. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 7 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed within the framework of a","criminal organization as defined in","Framework Decision 2008/841/JHA."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"107","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-108","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data or sensitive","information, or affecting critical","infrastructure information systems."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"108","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-109","justification":"The original wording is contradictory, and that contradiction should be done away with.\nAttention should be drawn to the principle that the punishment must fit the crime, something\nwhich can only be determined in a court of law, on the basis of an assessment of the facts of\nthe case.","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 2"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","","","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"109","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-110","justification":"A deviation from the penalty level contained in articles 6 and 7 of framework decision\n2005/222/JHA on attacks against information systems has not been substantiated.","location":[["Proposal for a directive","Article 10 \u2013 paragraph 2"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:44"},"new":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least between two","and five years when committed through","the use of a tool designed to launch attacks","affecting a significant number of","information systems, or attacks causing","considerable damage, such as disrupted","system services, financial cost or loss of","personal data."],"old":["2. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are punishable","by criminal penalties of a maximum term","of imprisonment of at least five years when","committed through the use of a tool","designed to launch attacks affecting a","significant number of information systems,","or attacks causing considerable damage,","such as disrupted system services, financial","cost or loss of personal data."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"110","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-111","justification":" The concealment of the real identities of the perpetrator and the damage caused to the\n rightful identity owners are not only important for the punishment of offences within the scope\n of this Directive. Rather, on the long run this and related offences should be addressed by a\n horizontal instrument going beyond the attacks against information systems.","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 3"]],"meps":[96736],"meta":{"created":"2019-07-03T05:52:45"},"new":["deleted"],"old":["3. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are","punishable by criminal penalties of a","maximum term of imprisonment of at","least five years when committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"111","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-112","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 3"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["deleted"],"old":["3. Member States shall take the necessary","measures to ensure that the offences","referred to in Articles 3 to 6 are","punishable by criminal penalties of a","maximum term of imprisonment of at","least five years when committed by","concealing the real identity of the","perpetrator and causing prejudice to the","rightful identity owner."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"112","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht, Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-113","location":[["Proposal for a directive","Article 10 \u2013 paragraph 3 a (new)"]],"meps":[96736,96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["3a. Member States shall ensure that the","penalties referred to Article 9 will not","apply to offences referred to in Articles 3","to 7 when the offences are clearly not","committed for criminal intent, such as","during the testing or the immediate","protection of information systems, or if","the operator or vendor of the system is","fully informed of the vulnerability in a","timely manner."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"113","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht, Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-114","justification":" The rapporteur has already included incentives for better security in AMs 3 and 4 (recitals).\n We should put this into a real article.","location":[["Proposal for a directive","Article 10 \u2013 paragraph 3 b (new)"]],"meps":[96736,96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["3b. Member States shall consider the","protection of their information systems","and associated data. Reasonable levels of","protection should be provided against","reasonably identifiable levels of threats","and vulnerabilities, with the protection","proportionate to the probable damage to","the parties concerned."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"114","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht, Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-115","justification":" The rapporteur has already included incentives for better security in AMs 3 and 4 (recitals).\n We should put this into a real article.","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 3 c (new)"]],"meps":[96736,96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["3c. Member States shall take appropriate","steps to oblige legal persons under their","jurisdictions to protect information","systems from offences detailed in Articles","3 to 7. Reasonable levels of protection","should be provided against reasonably","identifiable levels of threats and","vulnerabilities, with the protection","proportionate to the probable damage to","the parties concerned."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"115","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Jan Philipp Albrecht, Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-116","justification":"The rapporteur has already included incentives for better security in AMs 3 and 4 (recitals).\nWe should put this into a real article. Paragraph 3d introduces alleviating circumstances for\nattackers who only had to overcome unreasonably weak security measures.","location":[[" Proposal for a directive","Article 10 \u2013 paragraph 3 d (new)"]],"meps":[96736,96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["3d. Where legal persons are considered to","have failed to provide a reasonable level","of protection as detailed in paragraph 3b","and 3c against offenses detailed in","Articles 3 to 7, and where these offenses","are considered to have been carried out","with clear criminal intent, then these","offenses will be considered to have been","carried out under alleviating","circumstances when applying criminal","penalties."],"old":[""],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"116","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Jan Philipp Albrecht, Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-117","justification":"The rapporteur has already included incentives for better security in AMs 3 and 4 (recitals).\nWe should put this into a real article. Paragraph 3e introduces criminal liability (negligence)\nfor clearly failing to provide reasonable security in cases where an attack has caused\nconsiderable damage.","location":[["Proposal for a directive","Article 10 \u2013 paragraph 3 e (new)"]],"meps":[96736,96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["3e. Where legal persons have clearly","failed to provide a reasonable level of","protection and in cases where the damage","caused as a result of this failure is","considerable, then Member States shall","ensure that is possible to impose deterrent","sanctions and to prosecute this legal","person for negligence."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"117","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Alexander Alvaro","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-118","location":[[" Proposal for a directive","Article 10 a (new)"]],"meta":{"created":"2019-07-03T05:52:45"},"new":["Article 10a","Extenuating circumstances","1. Member States shall ensure that the","penalties referred to in Article 9 will not","apply to offences referred to in Articles 3","to 7 when the offences are clearly not","committed for criminal intent, such as","during the mandated testing or the","immediate protection of information","systems.","2. Member States shall consider the","protection of their information systems","and associated data as part of their","respective duty of care. Reasonable levels","of protection should be provided against","reasonably identifiable levels of threats.","3. Member States shall take the necessary","measures to oblige data controllers and","data processors within their jurisdiction to","protect data from offences referred to in","Articles 3 to 6 and to implement","appropriate technical and organisational","measures to ensure a level of security","appropriate to the risks represented by the","processing and the nature of the personal","data to be protected, having regard to the","state of the art and the costs of their","implementation.","4. Where a data controller or a data","processor is considered to have failed to","provide a reasonable level of protection","against offences referred to in Articles 3","to 6, these offences shall be considered to","have been carried out under alleviating","circumstances when applying criminal","penalties.","5. Where a data controller or a data","processor has clearly failed to provide a","reasonable level of protection and","consequently damage is caused, Member","States shall ensure that it is possible to","prosecute this data controller or data","processor."],"old":["",""],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"118","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-119","justification":"See justification for the amendment to Article 9.","location":[["Proposal for a directive","Article 12 \u2013 paragraph 1 \u2013 introductory part"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:45"},"new":["1. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(1) is","punishable by proportionate penalties,","which shall include criminal or non-","criminal fines and may include other","sanctions, for example:"],"old":["1. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(1) is","punishable by effective, proportionate and","dissuasive penalties, which shall include","criminal or non-criminal fines and may","include other sanctions, for example:"],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"119","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-120","location":[["Proposal for a directive","Article 12 \u2013 paragraph 1 \u2013 point a"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:45"},"new":["(a) temporary or permanent exclusion","from entitlement to public benefits or aid;"],"old":["(a) exclusion from entitlement to public","benefits or aid;"],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"120","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-121","justification":" See justification for the amendment to Article 9.","location":[[" Proposal for a directive","Article 12 \u2013 paragraph 2"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:45"},"new":["2. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(2) is","punishable by proportionate penalties or","measures."],"old":["2. Member States shall take the necessary","measures to ensure that a legal person held","liable pursuant to Article 11(2) is","punishable by effective, proportionate and","dissuasive penalties or measures."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"121","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Axel Voss","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-122","justification":" Any extension of the jurisdiction of foreign States over people who merely habitually reside in\n another Member State should be rejected on principle.","location":[[" Proposal for a directive","Article 13 \u2013 paragraph 1 \u2013 point b"]],"meps":[96761],"meta":{"created":"2019-07-03T05:52:45"},"new":["(b) by one of their nationals; or"],"old":["(b) by one of their nationals or a person","with habitual residence in the territory of","the Member State concerned; or"],"orig_lang":"de","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"122","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-123","location":[["Proposal for a directive","Article 14 \u2013 paragraph 1"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:45"},"new":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall ensure that they have","an operational national point of contact","and make use of the network of operational","points of contact available 24 hours a day","and seven days a week. Member States","shall also ensure that they have procedures","in place so that they can respond within a","maximum of eight hours to urgent requests.","Such response must be effective and","include, where appropriate, the","facilitation or direct implementation of","the following measures: the provision of","technical advice, including as regards","restoring information system","functionality, the preservation of data in","conformity with personal data protection","principles, the collection of evidence, the","provision of legal information, and the","locating and identification of suspects.","The points of contact shall indicate the","form and timescale in which requests for","assistance will be answered."],"old":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether","and in what form the request for help will","be answered and when."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"123","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marian-Jean Marinescu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-124","location":[["Proposal for a directive","Article 14 \u2013 paragraph 1"]],"meps":[33982],"meta":{"created":"2019-07-03T05:52:45"},"new":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","Member States shall make use of","operational national points of contact and","the existing network of operational points","of contact available 24 hours a day and","seven days a week. Member States shall","also ensure that they have procedures in","place so that they can respond within a","maximum of eight hours to urgent requests.","Such response shall at least indicate","whether and in what form the request for","help will be answered and when."],"old":["1. For the purpose of exchange of","information relating to the offences","referred to in Articles 3 to 8, and in","accordance with data protection rules,","","Member States shall make use of the","existing network of operational points of","contact available 24 hours a day and seven","days a week. Member States shall also","ensure that they have procedures in place","so that they can respond within a maximum","of eight hours to urgent requests. Such","response shall at least indicate whether and","in what form the request for help will be","answered and when."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"124","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Ioan Enciu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-125","location":[[" Proposal for a directive","Article 14 \u2013 paragraph 2"]],"meps":[96859],"meta":{"created":"2019-07-03T05:52:45"},"new":["2. Member States shall inform the","Commission, Europol, Eurojust and the","European Network and Information","Security Agency (ENISA) of their","appointed point of contact for the purpose","of exchanging information on the offences","referred to in Articles 3 to 8. The","Commission shall forward that information","to the other Member States."],"old":["2. Member States shall inform the","Commission of their appointed point of","contact for the purpose of exchanging","information on the offences referred to in","Articles 3 to 8. The Commission shall","forward that information to the other","Member States."],"orig_lang":"ro","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"125","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":" Marian-Jean Marinescu","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-126","location":[[" Proposal for a directive","Article 15 \u2013 paragraph 1"]],"meps":[33982],"meta":{"created":"2019-07-03T05:52:45"},"new":["1. Member States shall ensure the","operability of national contact points and","provide for a system for the recording,","production and provision of statistical data","on the offences referred to in Articles 3 to","8; national contact points shall deal with","requests for assistance and facilitate the","following measures: provision of","technical advice and legal information as","well as establishing programs on","prevention and fight against cybercrime."],"old":["1. Member States shall ensure that a","system is in place for the recording,","","production and provision of statistical data","on the offences referred to in Articles 3 to","8."],"orig_lang":"en","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"126","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat, Kyriacos Triantaphyllides","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-127","location":[["Proposal for a directive","Article 15 a (new)"]],"meps":[96858,28514],"meta":{"created":"2019-07-03T05:52:46"},"new":["Article 15a","Training","1. Member States shall encourage the","organisation and contribute to the","funding of training courses for members","of the public so that the latter are aware","of the possibility of attacks intended to","undermine the freedom and security of","cyberspace and are able to protect","themselves against such attacks.","2. Member States shall incorporate into","their school curricula lessons which teach","pupils about IT tools, the dangers they","pose and how to protect themselves."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"127","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"},{"authors":"Marie-Christine Vergiat","changes":{},"committee":["LIBE"],"date":"2012-01-27T00:00:00","id":"PE480.665-128","location":[["Proposal for a directive","Article 15 b (new)"]],"meps":[96858],"meta":{"created":"2019-07-03T05:52:46"},"new":["Article 15b","Conformity with levels of security","1. Member States shall lay down in their","national law criteria regarding the","conformity of all IT tools with minimum","levels of security.","2. No more than two years after the","adoption of this Directive, the","Commission shall submit a proposal for a","directive which lays down minimum","security criteria for all IT tools sold on the","internal market."],"orig_lang":"fr","peid":"PE480.665v01-00","reference":"2010/0273(COD)","seq":"128","src":"http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+COMPARL+PE-480.665+01+DOC+PDF+V0//EN&language=EN"}],"changes":{"2014-11-09T23:56:23":[{"data":[{"body":"EC","commission":[{"Commissioner":"MALMSTR\u00d6M Cecilia","DG":{"title":"Home Affairs","url":"http://ec.europa.eu/dgs/home-affairs/"}}],"date":"2010-09-30T00:00:00","docs":[{"celexid":"CELEX:52010PC0517:EN","text":["
PURPOSE: to\n propose a new legislative framework aimed at combating (large scale) attacks\n against information systems and to repeal Council Framework Decision\n 2005/222/JHA.
PROPOSED ACT:\n Directive of the European Parliament and of the Council.
BACKGROUND: in\n recent years, the number of attacks against IT systems has risen steadily in\n Europe. Moreover, previously unknown large-scale and dangerous attacks\n against the information systems of companies, such as banks, the public\n sector and even the military, have been observed in the Member States and\n other countries. New concerns, such as the massive spread of malicious\n software creating 'botnets' - networks of infected computers that can be\n remotely controlled to stage large-scale, coordinated attacks - have emerged.\n Such network of compromised computers ('zombies') may be activated to perform\n specific actions such as attacks against information systems (cyber attacks).\n These 'zombies' can be controlled – often without the knowledge of the users\n of the compromised computers – by another computer. This 'controlling'\n computer is also known as the 'command-and-control centre'. The people who\n control this centre are among the offenders, as they use the compromised\n computers to launch attacks against information systems.
With regard to\n cybercrime, the main cause of this phenomenon is vulnerability resulting from\n a variety of factors. Insufficient response by law enforcement mechanisms\n contributes to the prevalence of these phenomena, and exacerbates the\n difficulties, as certain types of offences go beyond national borders. Variations\n in national criminal law and procedure may give rise\n to differences in investigation and prosecution, leading to differences in\n how these crimes are dealt with.
Developments\n in information technology have exacerbated these problems by making it easier\n to produce and distribute tools ('malware' and 'botnets'), while offering\n offenders anonymity and dispersing responsibility across jurisdictions. Given\n the difficulties of bringing a prosecution, organised crime is able to make\n considerable profits with little risk.
On 24 February\n 2005, EU Member States agreed a Council Framework Decision (2005/222/JHA)\n that addresses the most significant forms of criminal activity against\n information systems, such as hacking, viruses and denial of service attacks.\n The Framework Decision seeks to approximate criminal law across the EU to\n ensure that Europe's law enforcement and judicial authorities can take action\n against this form of crime. Member States were required to take the necessary\n measures to comply with the provisions of the Framework Decision by 16 March\n 2007.
On 14 July\n 2008, the Commission published a report on the implementation of the\n Framework Decision. It was noted that several emerging threats had been\n highlighted by recent attacks across Europe since adoption of the Framework\n Decision, in particular the emergence of large-scale simultaneous attacks\n against information systems and increased criminal use of so-called\n 'botnets'.\" These attacks were not the centre of attention when the\n Framework Decision was adopted.
In response to\n these developments, the Commission presents this proposal which aims to consider\n recent technical advances and the new modi operandi found in today's cyber\n attacks as devise better responses to the threat.
IMPACT\n ASSESSMENT: various policy options have been examined as a means of achieving\n the objective.
Option 1:\n Status Quo / No new EU action.
Option 2:\n Development of a programme to strengthen the efforts to counter attacks\n against information systems by means of non-legislative measures: these measures would, in addition to the programme for critical\n information infrastructure protection, focus on cross-border law enforcement\n and public-private cooperation. These soft-law instruments should aim to\n promote further coordinated action at EU level, including strengthening of\n the existing 24/7 network of contact points for law enforcement agencies;\n establishment of an EU network of public-private contact points involving\n cybercrime experts and law enforcement agencies; elaboration of a standard EU\n service level agreement for law enforcement cooperation with private sector\n operators; and support for the organisation of training programmes for law\n enforcement agencies on the investigation of cybercrime.
Option 3:\n Targeted update of the rules of the Framework Decision (new Directive replacing the current Framework Decision) to\n address the threat from large-scale attacks against information systems\n (botnets) and, when committed by concealing the real identity of the\n perpetrator and causing prejudice to the rightful identity owner, the\n efficiency of Member States' law enforcement contact points, and the lack of\n statistical data on cyber attacks.
Option 4:\n Introduction of comprehensive EU legislation against cybercrime: this option would entail new comprehensive EU legislation. In\n addition to introducing the soft-law measures in policy option 2 and the\n update in policy option 3, it would also tackle other legal problems related\n to Internet use (such as financial cybercrime, illegal Internet content, the\n collection/storage/transfer of electronic evidence…)
Option 5:\n Update of the Council of Europe Convention on Cybercrime: this option would require substantial renegotiation of the\n current Convention, which is a lengthy process and doesn’t seem realistic as\n there seems to be no international willingness to renegotiate the Convention.\n
The preferred\n policy option is a combination of non-legislative measures (option 2) with a\n targeted update of the Framework Decision (option 3).
LEGAL BASE:\n Article 83(1) of the Treaty on the Functioning of the European Union (TFEU).
CONTENT: the draft\n Directive, while repealing Framework Decision 2005/222/JHA, will retain its\n current provisions and include the following new elements:
On substantive criminal law in general, the proposed Directive:
1) Penalises the production, sale, procurement for use,\n import, distribution or otherwise making available of devices/tools used for\n committing the offences.
2) Includes aggravating circumstances:
3) Introduces ‘illegal interception’ as a criminal\n offence.
4) Introduces measures to improve European criminal\n justice cooperation by strengthening the existing structure of 24/7\n contact points:
5) Addresses the need to provide statistical data on\n cybercrimes by making it obligatory for the Member States to ensure that\n an adequate system is in place for the recording, production and provision of\n statistical data on the offences referred to in the existing Framework\n Decision and the newly added ‘illegal interception’.
Taking account of gravity of the crimes: the Directive contains in the definitions of\n criminal offences listed in articles 3, 4, 5 (illegal access to information\n systems, illegal systems interference and illegal interference) a provision\n allowing to criminalise only 'cases which are not minor' in the\n process of transposition of the directive into national law. This element of\n flexibility is intended to allow Member States not to cover cases that would\n in abstracto be covered by the basic definition but are considered not to\n harm the protected legal interest, e.g. in particular acts by young people\n who attempt to prove their expertise in information technology. This\n possibility to limit the scope of criminalisation should not however lead to\n the introduction of additional constitutive elements of offences beyond those\n that are already included in the Directive, because this would lead to the\n situation that only offences committed with the presence of aggravating\n circumstances are covered. In the process of transposition, Member States\n should refrain in particular from adding additional constitutive elements to\n the basic offences such as e.g. a special intention to derive illicit\n proceeds from crime or the presence of a specific effect such as causing a\n considerable damage.
BUDGETARY\n IMPLICATION: the implications of the proposal for the Union budget are small.\n More than 90% of the estimated cost of EUR 5 913 000 would be borne by\n the Member States and there is the possibility of applying for EU funding to\n reduce the cost.
\nThe Council adopted a general approach\n on a draft directive on attacks against information systems, proposed by the\n Commission in September 2010. The general approach will constitute the basis\n for the Council's negotiations with the European Parliament on this proposal\n under the ordinary legislative procedure.
The proposal aims to update the existing\n rules dating from 2005 (Framework Decision 2005/222/JHA), while building on the\n Council of Europe Convention on Cybercrime (Budapest Convention). It\n establishes minimum rules for the definition of criminal offences and the\n penalty levels in the area of attacks against IT systems. It also aims to\n facilitate the prevention of such attacks and to improve the cooperation\n between member states' authorities in this field. The new rules would retain\n most of the provisions currently in place - namely the penalisation of illegal\n access, illegal system interference and illegal data interference as well as\n instigation, aiding, abetting and attempt to commit those criminal offences -\n and include the following new elements:
Concerning the level of criminal\n penalties, the new rules would raise the thresholds:
These new forms of aggravating\n circumstances are intended to address the emerging threats posed by large\n scale cyber attacks, which are increasingly reported across Europe and have\n the potential severely to damage public interests.
Lastly, the Council has clarified the\n rules concerning the establishment of jurisdiction by the member states on\n cybercrime.
While the UK and Ireland participate in the adoption and application of this directive, Denmark would not be bound by\n it.
\nThe Committee on Civil Liberties, Justice and Home\nAffairs adopted the report by Monika HOHLMEIER (EPP, DE)\non the proposal for a directive of the European\nParliament and of the Council on attacks against information\nsystems and repealing Council Framework Decision\n2005/222/JHA.
\nThe committee recommends that the European\nParliaments position adopted at first reading under the\nordinary legislative procedure should be to modify the\nCommissions proposal as follows:
\nObjective of the Directive: the objective of the Directive is to establish minimum\nrules concerning the definition of criminal offences and the\nsanctions in the area of attacks against information systems.\nIt also aims to facilitate the prevention of such offences and to\nimprove cooperation between judicial and other competent\nauthorities.
\nDefinitions: a\ndefinition of without right was added:\n\"without right\" means access, interference,\ninterception, or any other conduct referred to in this Directive,\nnot authorised by the owner, other right holder of the system or of\npart of it, or not permitted under national legislation.
\nIt should also be noted that, in the recitals, a\ndefinition of interception has been introduced:\ninterception includes (but is not necessarily limited to) the\nlistening to, monitoring or surveillance of the content of\ncommunications and the procuring of the content of data either\ndirectly, through access and use of the information systems, or\nindirectly through the use of electronic eavesdropping or tapping\ndevices by technical means.
\nIllegal system interference: Member States shall take the necessary measures to\nensure that, when committed intentionally and without right,\nat least for cases which are not minor, the serious hindering or\ninterruption of the functioning of an information system by\ninputting, transmitting, damaging, deleting, deteriorating,\naltering, suppressing or rendering inaccessible computer data is\npunishable as a criminal offence. The same follows in\nrespect to the illegal access to illegal data interference or in\nthe case of illegal interception within the meaning of the\nDirective.
\nIncitement, aiding and abetting and\nattempt: provision should also be\nmade for measures to ensure that the\nincitement, aiding and abetting to commit an offence within\nthe meaning of the Directive is punishable as a criminal offence.\nMember States are called upon to ensure that the attempt to\ncommit an offence is punishable as a criminal offence.
\nPenalties: in a recital,\nit is stipulated that criminal sanctions should be envisaged at\nleast for cases which are not minor. Member States may\ndetermine what constitutes a minor case according to their national\nlaw and practice. The case may be considered minor, for example,\nwhen the damage caused by the offence and/or the risk it carries to\npublic or private interests, such as to the integrity of a computer\nsystem or computer data, or to a person's integrity, rights and\nother interests, is insignificant or is of such nature, that the\nimposition of a criminal penalty within the legal threshold or the\nimposition of criminal liability is not necessary.
\nIn any event, offences that fall within the scope\nof the Directive should be subject to the following\npenalties:
\n\n- committed within the framework of a criminal\norganisation, or
\n\n- causing serious damage, or
\n\n- committed against a critical infrastructure\ninformation system.
\nFurthermore, if certain when certain offences are\ncommitted by misusing personal data of another\nperson, with the aim of gaining trust of a third party, thereby\ncausing prejudice to the rightful identity owner, this may be\nregarded as aggravating circumstances. A recital stipulates\nthat identity theft and other identity-related offences of the same\ntype could require action at EU level in the form of a\ncomprehensive horizontal EU instrument.
\nJurisdiction: a Member\nState shall inform the Commission where it decides to establish\nfurther jurisdiction over an offence covered by the Directive\ncommitted outside their territory, e.g. where:
\nNational contact point: Member States should ensure that they have an\noperational national point of contact and make use of the\nexisting network of operational points of contact available 24\nhours a day and seven days a week. They should also ensure that\nthey have procedures in place so that in urgent requests they can\nindicate within a maximum of 8 hours at least whether the request\nfor help will be answered, as well as the form and the estimated\ntime of this answer.
\nData collection: it is\nstipulated that there is a need to collect comparable data on\noffences referred to in this Directive. Relevant data should be\nmade available to the competent specialised agencies, such as\nEuropol and the European Network and Information Security Agency in\nline with their tasks and information needs. The objective is to\ngain a more complete picture of the problem of cybercrime and\nnetwork and information security at Union level and thereby\ncontribute to formulating more effective responses.
\nReplacement of the Framework Decision\n2005/222/JHA: it is clearly\nstipulated that the Directive aims to amend and expand the\nprovisions of Framework\nDecision 2005/222/JHA concerning attacks against information\nsystems.
\nReports: lastly, the\nCommission should submit, within four years of the adoption of\nthis Directive, a report to the European Parliament and the\nCouncil, assessing the extent to which the Member States have taken\nthe necessary measures in order to comply with this Directive,\naccompanied, if necessary, by legislative proposals. In this\nrespect, the Commission shall also take into account the technical\nand legal developments in the field of cyber crime, particularly\nwith regard to the scope of this Directive.
\nThe European Parliament adopted by 541 votes to 91,\nwith 9 abstentions, a legislative resolution on the proposal for a\ndirective of the European Parliament and of the Council on attacks\nagainst information systems and repealing Council Framework\nDecision 2005/222/JHA.
\nParliament adopted its position at first reading under\nthe ordinary legislative procedure. The amendments adopted in\nplenary are the result of a compromise reached between the European\nparliament and the Council. They amend the Commissions\nproposal as follows:
\nObjective of the Directive: the objective of the Directive is to establish minimum\nrules concerning the definition of criminal offences and the\nsanctions in the area of attacks against information systems.\nIt also aims to facilitate the prevention of such offences and to\nimprove cooperation between judicial and other competent\nauthorities.
\nDefinitions: a\ndefinition of without right was added: \"without\nright\" means access, interference, interception, or any other\nconduct referred to in this Directive, not authorised by the owner,\nother right holder of the system or of part of it, or not permitted\nunder national legislation.
\nIt should also be noted that, in the recitals, a\ndefinition of interception has been introduced:\ninterception includes (but is not necessarily limited to) the\nlistening to, monitoring or surveillance of the content of\ncommunications and the procuring of the content of data either\ndirectly, through access and use of the information systems, or\nindirectly through the use of electronic eavesdropping or tapping\ndevices by technical means.
\nIllegal system interference: Member States shall take the necessary measures to\nensure that, when committed intentionally and without right,\nat least for cases which are not minor, the serious hindering or\ninterruption of the functioning of an information system by\ninputting, transmitting, damaging, deleting, deteriorating,\naltering, suppressing or rendering inaccessible computer data is\npunishable as a criminal offence. The same follows in\nrespect to the illegal access to illegal data interference or in\nthe case of illegal interception within the meaning of the\nDirective.
\nIncitement, aiding and abetting and\nattempt: provision should also be\nmade for measures to ensure that the incitement, aiding and\nabetting to commit an offence within the meaning of the\nDirective is punishable as a criminal offence. Member States are\ncalled upon to ensure that the attempt to commit an offence\nis punishable as a criminal offence.
\nPenalties: offences\nthat fall within the scope of the Directive should be subject to\nthe following penalties:
\n\n- committed within the framework of a criminal\norganisation, or
\n\n- causing serious damage, or
\n\n- committed against a critical infrastructure\ninformation system.
\nIn a recital, it is stipulated that criminal sanctions\nshould be envisaged at least for cases which are not minor.\nMember States may determine what constitutes a minor case according\nto their national law and practice. The case may be considered\nminor, for example, when the damage caused by the offence and/or\nthe risk it carries to public or private interests, such as to the\nintegrity of a computer system or computer data, or to a person's\nintegrity, rights and other interests, is insignificant or is of\nsuch nature, that the imposition of a criminal penalty within the\nlegal threshold or the imposition of criminal liability is not\nnecessary.
\nFurthermore, if certain when certain offences are\ncommitted by misusing personal data of another\nperson, with the aim of gaining trust of a third party, thereby\ncausing prejudice to the rightful identity owner, this may be\nregarded as aggravating circumstances. A recital stipulates\nthat identity theft and other identity-related offences of the same\ntype could require action at EU level in the form of a\ncomprehensive horizontal EU instrument.
\nJurisdiction: a Member\nState shall inform the Commission where it decides to establish\nfurther jurisdiction over an offence covered by the Directive\ncommitted outside their territory, e.g. where:
\nNational contact point: Member States should ensure that they have an\noperational national point of contact and make use of the\nexisting network of operational points of contact available 24\nhours a day and seven days a week. They should also ensure that\nthey have procedures in place so that in urgent requests they can\nindicate within a maximum of 8 hours at least whether the request\nfor help will be answered, as well as the form and the estimated\ntime of this answer.
\nData collection: it is\nstipulated that there is a need to collect comparable data on\noffences referred to in this Directive. Relevant data should be\nmade available to the competent specialised agencies, such as\nEuropol and the European Network and Information Security Agency in\nline with their tasks and information needs. The objective is to\ngain a more complete picture of the problem of cybercrime and\nnetwork and information security at Union level and thereby\ncontribute to formulating more effective responses.
\nReplacement of the Framework Decision\n2005/222/JHA: it is clearly\nstipulated that the Directive aims to amend and expand the\nprovisions of Framework Decision\n2005/222/JHA concerning attacks against\ninformation systems.
\nReports: lastly, the\nCommission should submit, within four years of the adoption of\nthis Directive, a report to the European Parliament and the\nCouncil, assessing the extent to which the Member States have taken\nthe necessary measures in order to comply with this Directive,\naccompanied, if necessary, by legislative proposals. In this\nrespect, the Commission shall also take into account the technical\nand legal developments in the field of cyber crime, particularly\nwith regard to the scope of this Directive.
\nPURPOSE: to\napproximate Member States criminal law in the area of attacks\nagainst information systems.
\n\nCONTENT: the Directive establishes minimum rules\nconcerning the definition of criminal offences and sanctions in\nthe area of attacks against information systems. It also aims to\nfacilitate the prevention of such offences and to improve\ncooperation between judicial and other competent\nauthorities.
\nOffences: for cases\nwhich are not minor, and are committed intentionally and without\nright, the following actions must be punishable as criminal\noffences:
\n\n· \nillegal access to information\nsystems: illegal access to the whole\nor to any part of an information system where committed by\ninfringing a security measure;
\n\n· \nillegal system interference: seriously hindering or interrupting the functioning\nof an information system by inputting computer data, by\ntransmitting, damaging, deleting, deteriorating, altering or\nsuppressing such data, or by rendering such data\ninaccessible;
\n\n· \nillegal data interference: deleting, damaging, deteriorating, altering or\nsuppressing computer data on an information system, or rendering\nsuch data inaccessible;
\n\n· \nillegal interception: intercepting, by technical means, non-public\ntransmissions of computer data to, from or within an information\nsystem, including electromagnetic emissions from an information\nsystem carrying such computer data;
\n\n· \ntools used for committing\noffences: the intentional production,\nsale, procurement for use, import, distribution or otherwise making\navailable, of one of the following tools, without right and with\nthe intention that it be used to commit any of the offences\nreferred to above: (i) a computer programme, designed or adapted\nprimarily for the purpose of committing any of the offences\nreferred to above; ii) a computer password, access code, or similar\ndata by which the whole or any part of an information system is\ncapable of being accessed.
\nIncitement, aiding and abetting and\nattempt: the Directive provides\nthat:
\n\n· \nthe incitement, or aiding and abetting, to\ncommit any of the five offences referred to above must be\npunishable as a criminal offence;
\n\n· \nthe attempt to commit illegal system\ninterference and illegal data interference must be punishable\nas a criminal offence.
\nPenalties: offences\nthat fall within the scope of the Directive should be subject to\nthe following penalties:
\n\n· \na maximum penalty of at least two\nyears of imprisonment, in cases which are not\nminor;
\n\n· \na maximum penalty of at least three\nyears of imprisonment when offences relating to illegal\nsystem interference and illegal data interference\nare committed intentionally, and when a significant number of\ninformation systems have been affected through the use of a tool\ndesigned or adapted primarily for this purpose;
\n\n· \na maximum penalty of at least five\nyears of imprisonment when offences relating to illegal\nsystem interference and illegal data interference are: (i)\ncommitted within the framework of a criminal organisation, or (ii)\ncausing serious damage, or (iii) committed against a critical\ninfrastructure information system.
\nWhen offences relating to illegal system interference\nand illegal data interference are committed by misusing the\npersonal data of another person, with the aim of gaining the trust\nof a third party, thereby causing prejudice to the rightful\nidentity owner, this may be regarded as aggravating circumstances,\nunless those circumstances are already covered by another offence,\npunishable under national law.
\nA recital in the Directive states that setting up\neffective measures against identity theft and other\nidentity-related offences constitutes another important element of\nan integrated approach against cybercrime. Any need for Union\naction against this type of criminal behaviour could also be\nconsidered in the context of evaluating the need for a\ncomprehensive horizontal Union instrument.
\nLegal persons: the\nDirective makes provision for ensuring that legal persons may be\nheld liable and sanctioned.
\nJurisdiction: the\nDirective sets out rules on the establishment of jurisdiction with\nregard to the offences described above. A recital notes that the\ntransnational and borderless nature of modern information\nsystems means that attacks against such systems have a\ncross-border dimension, thus underlining the urgent need for\nfurther action to approximate criminal law in this\narea.
\nNational contact point: Member States must ensure that they have\nan operational national point of contact and make use of\nthe existing network of operational points of contact available 24\nhours a day and seven days a week. They must have procedures in\nplace so that in urgent requests they can indicate within a maximum\nof 8 hours at least whether the request for help will be answered,\nas well as the form and the estimated time of this\nanswer.
\nData collection: a\nrecital in the text states that there is a need to collect\ncomparable data on the offences laid down in this Directive.\nRelevant data should be made available to the competent specialised\nUnion agencies and bodies, such as Europol and ENISA, in line with\ntheir tasks and information needs, in order to gain a more complete\npicture of the problem of cybercrime and network and information\nsecurity at Union level and thereby to contribute to formulating a\nmore effective response. Member States should submit information on\nthe modus operandi of the offenders to Europol and its European\nCybercrime Centre for the purpose of conducting threat assessments\nand strategic analyses of cybercrime in accordance with Council\nDecision 2009/371/JHA.
\nReplacement of Framework Decision\n2005/222/JHA: in relation to Member\nStates participating in the adoption of this Directive, references\nto the Framework Decision 2005/222/JHA shall be construed as\nreferences to this Directive.
\nReport: by 4 September\n2017, the Commission must submit a report assessing the extent to\nwhich the Member States have taken the necessary measures in order\nto comply with the Directive. It will, also take into account the\ntechnical and legal developments in the field of cybercrime,\nparticularly with regard to the scope of the Directive.
\nENTRY INTO FORCE: 3 September 2013.
\nTRANSPOSITION: by 4\nSeptember 2015.
\nPURPOSE: to\n propose a new legislative framework aimed at combating (large scale) attacks\n against information systems and to repeal Council Framework Decision\n 2005/222/JHA.
PROPOSED ACT:\n Directive of the European Parliament and of the Council.
BACKGROUND: in\n recent years, the number of attacks against IT systems has risen steadily in\n Europe. Moreover, previously unknown large-scale and dangerous attacks\n against the information systems of companies, such as banks, the public\n sector and even the military, have been observed in the Member States and\n other countries. New concerns, such as the massive spread of malicious\n software creating 'botnets' - networks of infected computers that can be\n remotely controlled to stage large-scale, coordinated attacks - have emerged.\n Such network of compromised computers ('zombies') may be activated to perform\n specific actions such as attacks against information systems (cyber attacks).\n These 'zombies' can be controlled – often without the knowledge of the users\n of the compromised computers – by another computer. This 'controlling'\n computer is also known as the 'command-and-control centre'. The people who\n control this centre are among the offenders, as they use the compromised\n computers to launch attacks against information systems.
With regard to\n cybercrime, the main cause of this phenomenon is vulnerability resulting from\n a variety of factors. Insufficient response by law enforcement mechanisms\n contributes to the prevalence of these phenomena, and exacerbates the\n difficulties, as certain types of offences go beyond national borders. Variations\n in national criminal law and procedure may give rise\n to differences in investigation and prosecution, leading to differences in\n how these crimes are dealt with.
Developments\n in information technology have exacerbated these problems by making it easier\n to produce and distribute tools ('malware' and 'botnets'), while offering\n offenders anonymity and dispersing responsibility across jurisdictions. Given\n the difficulties of bringing a prosecution, organised crime is able to make\n considerable profits with little risk.
On 24 February\n 2005, EU Member States agreed a Council Framework Decision (2005/222/JHA)\n that addresses the most significant forms of criminal activity against\n information systems, such as hacking, viruses and denial of service attacks.\n The Framework Decision seeks to approximate criminal law across the EU to\n ensure that Europe's law enforcement and judicial authorities can take action\n against this form of crime. Member States were required to take the necessary\n measures to comply with the provisions of the Framework Decision by 16 March\n 2007.
On 14 July\n 2008, the Commission published a report on the implementation of the\n Framework Decision. It was noted that several emerging threats had been\n highlighted by recent attacks across Europe since adoption of the Framework\n Decision, in particular the emergence of large-scale simultaneous attacks\n against information systems and increased criminal use of so-called\n 'botnets'.\" These attacks were not the centre of attention when the\n Framework Decision was adopted.
In response to\n these developments, the Commission presents this proposal which aims to consider\n recent technical advances and the new modi operandi found in today's cyber\n attacks as devise better responses to the threat.
IMPACT\n ASSESSMENT: various policy options have been examined as a means of achieving\n the objective.
Option 1:\n Status Quo / No new EU action.
Option 2:\n Development of a programme to strengthen the efforts to counter attacks\n against information systems by means of non-legislative measures: these measures would, in addition to the programme for critical\n information infrastructure protection, focus on cross-border law enforcement\n and public-private cooperation. These soft-law instruments should aim to\n promote further coordinated action at EU level, including strengthening of\n the existing 24/7 network of contact points for law enforcement agencies;\n establishment of an EU network of public-private contact points involving\n cybercrime experts and law enforcement agencies; elaboration of a standard EU\n service level agreement for law enforcement cooperation with private sector\n operators; and support for the organisation of training programmes for law\n enforcement agencies on the investigation of cybercrime.
Option 3:\n Targeted update of the rules of the Framework Decision (new Directive replacing the current Framework Decision) to\n address the threat from large-scale attacks against information systems\n (botnets) and, when committed by concealing the real identity of the\n perpetrator and causing prejudice to the rightful identity owner, the\n efficiency of Member States' law enforcement contact points, and the lack of\n statistical data on cyber attacks.
Option 4:\n Introduction of comprehensive EU legislation against cybercrime: this option would entail new comprehensive EU legislation. In\n addition to introducing the soft-law measures in policy option 2 and the\n update in policy option 3, it would also tackle other legal problems related\n to Internet use (such as financial cybercrime, illegal Internet content, the\n collection/storage/transfer of electronic evidence…)
Option 5:\n Update of the Council of Europe Convention on Cybercrime: this option would require substantial renegotiation of the\n current Convention, which is a lengthy process and doesn’t seem realistic as\n there seems to be no international willingness to renegotiate the Convention.\n
The preferred\n policy option is a combination of non-legislative measures (option 2) with a\n targeted update of the Framework Decision (option 3).
LEGAL BASE:\n Article 83(1) of the Treaty on the Functioning of the European Union (TFEU).
CONTENT: the draft\n Directive, while repealing Framework Decision 2005/222/JHA, will retain its\n current provisions and include the following new elements:
On substantive criminal law in general, the proposed Directive:
1) Penalises the production, sale, procurement for use,\n import, distribution or otherwise making available of devices/tools used for\n committing the offences.
2) Includes aggravating circumstances:
3) Introduces ‘illegal interception’ as a criminal\n offence.
4) Introduces measures to improve European criminal\n justice cooperation by strengthening the existing structure of 24/7\n contact points:
5) Addresses the need to provide statistical data on\n cybercrimes by making it obligatory for the Member States to ensure that\n an adequate system is in place for the recording, production and provision of\n statistical data on the offences referred to in the existing Framework\n Decision and the newly added ‘illegal interception’.
Taking account of gravity of the crimes: the Directive contains in the definitions of\n criminal offences listed in articles 3, 4, 5 (illegal access to information\n systems, illegal systems interference and illegal interference) a provision\n allowing to criminalise only 'cases which are not minor' in the\n process of transposition of the directive into national law. This element of\n flexibility is intended to allow Member States not to cover cases that would\n in abstracto be covered by the basic definition but are considered not to\n harm the protected legal interest, e.g. in particular acts by young people\n who attempt to prove their expertise in information technology. This\n possibility to limit the scope of criminalisation should not however lead to\n the introduction of additional constitutive elements of offences beyond those\n that are already included in the Directive, because this would lead to the\n situation that only offences committed with the presence of aggravating\n circumstances are covered. In the process of transposition, Member States\n should refrain in particular from adding additional constitutive elements to\n the basic offences such as e.g. a special intention to derive illicit\n proceeds from crime or the presence of a specific effect such as causing a\n considerable damage.
BUDGETARY\n IMPLICATION: the implications of the proposal for the Union budget are small.\n More than 90% of the estimated cost of EUR 5 913 000 would be borne by\n the Member States and there is the possibility of applying for EU funding to\n reduce the cost.
\nThe Council adopted a general approach\n on a draft directive on attacks against information systems, proposed by the\n Commission in September 2010. The general approach will constitute the basis\n for the Council's negotiations with the European Parliament on this proposal\n under the ordinary legislative procedure.
The proposal aims to update the existing\n rules dating from 2005 (Framework Decision 2005/222/JHA), while building on the\n Council of Europe Convention on Cybercrime (Budapest Convention). It\n establishes minimum rules for the definition of criminal offences and the\n penalty levels in the area of attacks against IT systems. It also aims to\n facilitate the prevention of such attacks and to improve the cooperation\n between member states' authorities in this field. The new rules would retain\n most of the provisions currently in place - namely the penalisation of illegal\n access, illegal system interference and illegal data interference as well as\n instigation, aiding, abetting and attempt to commit those criminal offences -\n and include the following new elements:
Concerning the level of criminal\n penalties, the new rules would raise the thresholds:
These new forms of aggravating\n circumstances are intended to address the emerging threats posed by large\n scale cyber attacks, which are increasingly reported across Europe and have\n the potential severely to damage public interests.
Lastly, the Council has clarified the\n rules concerning the establishment of jurisdiction by the member states on\n cybercrime.
While the UK and Ireland participate in the adoption and application of this directive, Denmark would not be bound by\n it.
\nThe Committee on Civil Liberties, Justice and Home\nAffairs adopted the report by Monika HOHLMEIER (EPP, DE)\non the proposal for a directive of the European\nParliament and of the Council on attacks against information\nsystems and repealing Council Framework Decision\n2005/222/JHA.
\nThe committee recommends that the European\nParliaments position adopted at first reading under the\nordinary legislative procedure should be to modify the\nCommissions proposal as follows:
\nObjective of the Directive: the objective of the Directive is to establish minimum\nrules concerning the definition of criminal offences and the\nsanctions in the area of attacks against information systems.\nIt also aims to facilitate the prevention of such offences and to\nimprove cooperation between judicial and other competent\nauthorities.
\nDefinitions: a\ndefinition of without right was added:\n\"without right\" means access, interference,\ninterception, or any other conduct referred to in this Directive,\nnot authorised by the owner, other right holder of the system or of\npart of it, or not permitted under national legislation.
\nIt should also be noted that, in the recitals, a\ndefinition of interception has been introduced:\ninterception includes (but is not necessarily limited to) the\nlistening to, monitoring or surveillance of the content of\ncommunications and the procuring of the content of data either\ndirectly, through access and use of the information systems, or\nindirectly through the use of electronic eavesdropping or tapping\ndevices by technical means.
\nIllegal system interference: Member States shall take the necessary measures to\nensure that, when committed intentionally and without right,\nat least for cases which are not minor, the serious hindering or\ninterruption of the functioning of an information system by\ninputting, transmitting, damaging, deleting, deteriorating,\naltering, suppressing or rendering inaccessible computer data is\npunishable as a criminal offence. The same follows in\nrespect to the illegal access to illegal data interference or in\nthe case of illegal interception within the meaning of the\nDirective.
\nIncitement, aiding and abetting and\nattempt: provision should also be\nmade for measures to ensure that the\nincitement, aiding and abetting to commit an offence within\nthe meaning of the Directive is punishable as a criminal offence.\nMember States are called upon to ensure that the attempt to\ncommit an offence is punishable as a criminal offence.
\nPenalties: in a recital,\nit is stipulated that criminal sanctions should be envisaged at\nleast for cases which are not minor. Member States may\ndetermine what constitutes a minor case according to their national\nlaw and practice. The case may be considered minor, for example,\nwhen the damage caused by the offence and/or the risk it carries to\npublic or private interests, such as to the integrity of a computer\nsystem or computer data, or to a person's integrity, rights and\nother interests, is insignificant or is of such nature, that the\nimposition of a criminal penalty within the legal threshold or the\nimposition of criminal liability is not necessary.
\nIn any event, offences that fall within the scope\nof the Directive should be subject to the following\npenalties:
\n\n- committed within the framework of a criminal\norganisation, or
\n\n- causing serious damage, or
\n\n- committed against a critical infrastructure\ninformation system.
\nFurthermore, if certain when certain offences are\ncommitted by misusing personal data of another\nperson, with the aim of gaining trust of a third party, thereby\ncausing prejudice to the rightful identity owner, this may be\nregarded as aggravating circumstances. A recital stipulates\nthat identity theft and other identity-related offences of the same\ntype could require action at EU level in the form of a\ncomprehensive horizontal EU instrument.
\nJurisdiction: a Member\nState shall inform the Commission where it decides to establish\nfurther jurisdiction over an offence covered by the Directive\ncommitted outside their territory, e.g. where:
\nNational contact point: Member States should ensure that they have an\noperational national point of contact and make use of the\nexisting network of operational points of contact available 24\nhours a day and seven days a week. They should also ensure that\nthey have procedures in place so that in urgent requests they can\nindicate within a maximum of 8 hours at least whether the request\nfor help will be answered, as well as the form and the estimated\ntime of this answer.
\nData collection: it is\nstipulated that there is a need to collect comparable data on\noffences referred to in this Directive. Relevant data should be\nmade available to the competent specialised agencies, such as\nEuropol and the European Network and Information Security Agency in\nline with their tasks and information needs. The objective is to\ngain a more complete picture of the problem of cybercrime and\nnetwork and information security at Union level and thereby\ncontribute to formulating more effective responses.
\nReplacement of the Framework Decision\n2005/222/JHA: it is clearly\nstipulated that the Directive aims to amend and expand the\nprovisions of Framework\nDecision 2005/222/JHA concerning attacks against information\nsystems.
\nReports: lastly, the\nCommission should submit, within four years of the adoption of\nthis Directive, a report to the European Parliament and the\nCouncil, assessing the extent to which the Member States have taken\nthe necessary measures in order to comply with this Directive,\naccompanied, if necessary, by legislative proposals. In this\nrespect, the Commission shall also take into account the technical\nand legal developments in the field of cyber crime, particularly\nwith regard to the scope of this Directive.
\nThe European Parliament adopted by 541 votes to 91,\nwith 9 abstentions, a legislative resolution on the proposal for a\ndirective of the European Parliament and of the Council on attacks\nagainst information systems and repealing Council Framework\nDecision 2005/222/JHA.
\nParliament adopted its position at first reading under\nthe ordinary legislative procedure. The amendments adopted in\nplenary are the result of a compromise reached between the European\nparliament and the Council. They amend the Commissions\nproposal as follows:
\nObjective of the Directive: the objective of the Directive is to establish minimum\nrules concerning the definition of criminal offences and the\nsanctions in the area of attacks against information systems.\nIt also aims to facilitate the prevention of such offences and to\nimprove cooperation between judicial and other competent\nauthorities.
\nDefinitions: a\ndefinition of without right was added: \"without\nright\" means access, interference, interception, or any other\nconduct referred to in this Directive, not authorised by the owner,\nother right holder of the system or of part of it, or not permitted\nunder national legislation.
\nIt should also be noted that, in the recitals, a\ndefinition of interception has been introduced:\ninterception includes (but is not necessarily limited to) the\nlistening to, monitoring or surveillance of the content of\ncommunications and the procuring of the content of data either\ndirectly, through access and use of the information systems, or\nindirectly through the use of electronic eavesdropping or tapping\ndevices by technical means.
\nIllegal system interference: Member States shall take the necessary measures to\nensure that, when committed intentionally and without right,\nat least for cases which are not minor, the serious hindering or\ninterruption of the functioning of an information system by\ninputting, transmitting, damaging, deleting, deteriorating,\naltering, suppressing or rendering inaccessible computer data is\npunishable as a criminal offence. The same follows in\nrespect to the illegal access to illegal data interference or in\nthe case of illegal interception within the meaning of the\nDirective.
\nIncitement, aiding and abetting and\nattempt: provision should also be\nmade for measures to ensure that the incitement, aiding and\nabetting to commit an offence within the meaning of the\nDirective is punishable as a criminal offence. Member States are\ncalled upon to ensure that the attempt to commit an offence\nis punishable as a criminal offence.
\nPenalties: offences\nthat fall within the scope of the Directive should be subject to\nthe following penalties:
\n\n- committed within the framework of a criminal\norganisation, or
\n\n- causing serious damage, or
\n\n- committed against a critical infrastructure\ninformation system.
\nIn a recital, it is stipulated that criminal sanctions\nshould be envisaged at least for cases which are not minor.\nMember States may determine what constitutes a minor case according\nto their national law and practice. The case may be considered\nminor, for example, when the damage caused by the offence and/or\nthe risk it carries to public or private interests, such as to the\nintegrity of a computer system or computer data, or to a person's\nintegrity, rights and other interests, is insignificant or is of\nsuch nature, that the imposition of a criminal penalty within the\nlegal threshold or the imposition of criminal liability is not\nnecessary.
\nFurthermore, if certain when certain offences are\ncommitted by misusing personal data of another\nperson, with the aim of gaining trust of a third party, thereby\ncausing prejudice to the rightful identity owner, this may be\nregarded as aggravating circumstances. A recital stipulates\nthat identity theft and other identity-related offences of the same\ntype could require action at EU level in the form of a\ncomprehensive horizontal EU instrument.
\nJurisdiction: a Member\nState shall inform the Commission where it decides to establish\nfurther jurisdiction over an offence covered by the Directive\ncommitted outside their territory, e.g. where:
\nNational contact point: Member States should ensure that they have an\noperational national point of contact and make use of the\nexisting network of operational points of contact available 24\nhours a day and seven days a week. They should also ensure that\nthey have procedures in place so that in urgent requests they can\nindicate within a maximum of 8 hours at least whether the request\nfor help will be answered, as well as the form and the estimated\ntime of this answer.
\nData collection: it is\nstipulated that there is a need to collect comparable data on\noffences referred to in this Directive. Relevant data should be\nmade available to the competent specialised agencies, such as\nEuropol and the European Network and Information Security Agency in\nline with their tasks and information needs. The objective is to\ngain a more complete picture of the problem of cybercrime and\nnetwork and information security at Union level and thereby\ncontribute to formulating more effective responses.
\nReplacement of the Framework Decision\n2005/222/JHA: it is clearly\nstipulated that the Directive aims to amend and expand the\nprovisions of Framework Decision\n2005/222/JHA concerning attacks against\ninformation systems.
\nReports: lastly, the\nCommission should submit, within four years of the adoption of\nthis Directive, a report to the European Parliament and the\nCouncil, assessing the extent to which the Member States have taken\nthe necessary measures in order to comply with this Directive,\naccompanied, if necessary, by legislative proposals. In this\nrespect, the Commission shall also take into account the technical\nand legal developments in the field of cyber crime, particularly\nwith regard to the scope of this Directive.
\nPURPOSE: to\napproximate Member States criminal law in the area of attacks\nagainst information systems.
\n\nCONTENT: the Directive establishes minimum rules\nconcerning the definition of criminal offences and sanctions in\nthe area of attacks against information systems. It also aims to\nfacilitate the prevention of such offences and to improve\ncooperation between judicial and other competent\nauthorities.
\nOffences: for cases\nwhich are not minor, and are committed intentionally and without\nright, the following actions must be punishable as criminal\noffences:
\n\n· \nillegal access to information\nsystems: illegal access to the whole\nor to any part of an information system where committed by\ninfringing a security measure;
\n\n· \nillegal system interference: seriously hindering or interrupting the functioning\nof an information system by inputting computer data, by\ntransmitting, damaging, deleting, deteriorating, altering or\nsuppressing such data, or by rendering such data\ninaccessible;
\n\n· \nillegal data interference: deleting, damaging, deteriorating, altering or\nsuppressing computer data on an information system, or rendering\nsuch data inaccessible;
\n\n· \nillegal interception: intercepting, by technical means, non-public\ntransmissions of computer data to, from or within an information\nsystem, including electromagnetic emissions from an information\nsystem carrying such computer data;
\n\n· \ntools used for committing\noffences: the intentional production,\nsale, procurement for use, import, distribution or otherwise making\navailable, of one of the following tools, without right and with\nthe intention that it be used to commit any of the offences\nreferred to above: (i) a computer programme, designed or adapted\nprimarily for the purpose of committing any of the offences\nreferred to above; ii) a computer password, access code, or similar\ndata by which the whole or any part of an information system is\ncapable of being accessed.
\nIncitement, aiding and abetting and\nattempt: the Directive provides\nthat:
\n\n· \nthe incitement, or aiding and abetting, to\ncommit any of the five offences referred to above must be\npunishable as a criminal offence;
\n\n· \nthe attempt to commit illegal system\ninterference and illegal data interference must be punishable\nas a criminal offence.
\nPenalties: offences\nthat fall within the scope of the Directive should be subject to\nthe following penalties:
\n\n· \na maximum penalty of at least two\nyears of imprisonment, in cases which are not\nminor;
\n\n· \na maximum penalty of at least three\nyears of imprisonment when offences relating to illegal\nsystem interference and illegal data interference\nare committed intentionally, and when a significant number of\ninformation systems have been affected through the use of a tool\ndesigned or adapted primarily for this purpose;
\n\n· \na maximum penalty of at least five\nyears of imprisonment when offences relating to illegal\nsystem interference and illegal data interference are: (i)\ncommitted within the framework of a criminal organisation, or (ii)\ncausing serious damage, or (iii) committed against a critical\ninfrastructure information system.
\nWhen offences relating to illegal system interference\nand illegal data interference are committed by misusing the\npersonal data of another person, with the aim of gaining the trust\nof a third party, thereby causing prejudice to the rightful\nidentity owner, this may be regarded as aggravating circumstances,\nunless those circumstances are already covered by another offence,\npunishable under national law.
\nA recital in the Directive states that setting up\neffective measures against identity theft and other\nidentity-related offences constitutes another important element of\nan integrated approach against cybercrime. Any need for Union\naction against this type of criminal behaviour could also be\nconsidered in the context of evaluating the need for a\ncomprehensive horizontal Union instrument.
\nLegal persons: the\nDirective makes provision for ensuring that legal persons may be\nheld liable and sanctioned.
\nJurisdiction: the\nDirective sets out rules on the establishment of jurisdiction with\nregard to the offences described above. A recital notes that the\ntransnational and borderless nature of modern information\nsystems means that attacks against such systems have a\ncross-border dimension, thus underlining the urgent need for\nfurther action to approximate criminal law in this\narea.
\nNational contact point: Member States must ensure that they have\nan operational national point of contact and make use of\nthe existing network of operational points of contact available 24\nhours a day and seven days a week. They must have procedures in\nplace so that in urgent requests they can indicate within a maximum\nof 8 hours at least whether the request for help will be answered,\nas well as the form and the estimated time of this\nanswer.
\nData collection: a\nrecital in the text states that there is a need to collect\ncomparable data on the offences laid down in this Directive.\nRelevant data should be made available to the competent specialised\nUnion agencies and bodies, such as Europol and ENISA, in line with\ntheir tasks and information needs, in order to gain a more complete\npicture of the problem of cybercrime and network and information\nsecurity at Union level and thereby to contribute to formulating a\nmore effective response. Member States should submit information on\nthe modus operandi of the offenders to Europol and its European\nCybercrime Centre for the purpose of conducting threat assessments\nand strategic analyses of cybercrime in accordance with Council\nDecision 2009/371/JHA.
\nReplacement of Framework Decision\n2005/222/JHA: in relation to Member\nStates participating in the adoption of this Directive, references\nto the Framework Decision 2005/222/JHA shall be construed as\nreferences to this Directive.
\nReport: by 4 September\n2017, the Commission must submit a report assessing the extent to\nwhich the Member States have taken the necessary measures in order\nto comply with the Directive. It will, also take into account the\ntechnical and legal developments in the field of cybercrime,\nparticularly with regard to the scope of the Directive.
\nENTRY INTO FORCE: 3 September 2013.
\nTRANSPOSITION: by 4\nSeptember 2015.
\n