Next event: Final act published in Official Journal 2021/06/08 more...
- Draft final act 2021/05/20
- Final act signed 2021/05/20
- End of procedure in Parliament 2021/05/20
- Debate in Parliament 2021/05/19
- Decision by Parliament, 2nd reading 2021/05/19
- Committee recommendation tabled for plenary, 2nd reading 2021/05/17
- Committee referral announced in Parliament, 2nd reading 2021/05/17
- Committee recommendation tabled for plenary, 2nd reading 2021/05/17
- Commission communication on Council's position 2021/05/03
- Vote in committee, 2nd reading 2021/04/26
- Council position published 2021/04/23
- Committee draft report 2021/03/30
- Committee letter confirming interinstitutional agreement 2021/01/14
- Approval in committee of the text agreed at early 2nd reading interinstitutional negotiations 2021/01/13
- Committee decision to enter into interinstitutional negotiations announced in plenary (Rule 72) 2019/10/09
- Committee decision to open interinstitutional negotiations after 1st reading in Parliament 2019/09/25
- ANDRESEN Rasmus (Verts/ALE) appointed as rapporteur in ITRE 2019/09/02
- Commission response to text adopted in plenary 2019/08/08
- Decision by Parliament, 1st reading 2019/04/17
- Results of vote in Parliament 2019/03/13
- Decision by Parliament, 1st reading 2019/03/13
- Matter referred back to the committee responsible 2019/03/13
- Debate in Parliament 2019/03/11
- Committee report tabled for plenary, 1st reading 2019/02/22
- Vote in committee, 1st reading 2019/02/19
- Committee opinion 2019/01/31
- Economic and Social Committee: opinion, report 2019/01/23
- Amendments tabled in committee 2019/01/17
Progress: Procedure completed
Role | Committee | Rapporteur | Shadows |
---|---|---|---|
Lead | ITRE | ANDRESEN Rasmus ( Verts/ALE) | DEL CASTILLO VERA Pilar ( EPP), GEIER Jens ( S&D), GAMON Claudia ( Renew), TOŠENOVSKÝ Evžen ( ECR), BOTENGA Marc ( GUE/NGL) |
Former Responsible Committee | ITRE | REDA Felix ( Verts/ALE) | |
Former Committee Opinion | IMCO | KOHN Arndt ( S&D) | |
Former Committee Opinion | BUDG |
Lead committee dossier:
Legal Basis:
RoP 59-p4, TFEU 173-p3, TFEU 188 -a1
Legal Basis:
RoP 59-p4, TFEU 173-p3, TFEU 188 -a1Subjects
Events
The European Parliament adopted a legislative resolution approving the Council position at first reading with a view to the adoption of a regulation of the European Parliament and of the Council establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres.
The proposed regulation aims to help the EU maintain and develop the technological and industrial cyber security capacities needed to secure its digital single market.
The regulation:
- establishes the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres, and
- lays down rules for the designation of the national coordination centres and the establishment of the cybersecurity community of competences.
The Competence Centre, which will be based in Bucharest, will, inter alia, allocate cybersecurity-related funding from the Horizon Europe programme and the Digital Europe programme. It will be able to support, in connection with the Member States, the development and acquisition of advanced cybersecurity equipment, tools and data infrastructure in Europe and ensure wide deployment of the latest cybersecurity solutions across all economic sectors.
The European Cybersecurity Industrial, Technology and Research Competence Centre will work in cooperation with a network of national coordination centres designated by the Member States.
The Centre will also bring together key European stakeholders, including industry, academic and research organisations and other relevant civil society associations, to form a cybersecurity competence community to strengthen and disseminate cybersecurity expertise across the EU.
The Council adopted its position at first reading with a view to the adoption of a regulation of the European Parliament and of the Council establishing the European Cybersecurity Industrial, Technology
and Research Competence Centre and the Network of National Coordination Centres.
The proposed regulation aims to help the EU maintain and develop the technological and industrial cyber security capacities needed to secure its digital single market. It provides for the creation of structures at three institutional levels:
1) a European Competence Centre for Cybersecurity Industrial, Technology and Research (at EU level),
2) a Network of National Coordination Centres (national level), and
3) a Cybersecurity Competence Community (at stakeholder level).
Mission of the Competence Centre and the Network
The mission of the Competence Centre and the Network is to help the Union to:
- strengthen its leadership and strategic autonomy in the area of cybersecurity by retaining and developing the Union’s research, academic, societal, technological and industrial cybersecurity capacities and capabilities necessary to enhance trust and security, including the confidentiality, integrity and accessibility of data, in the Digital Single Market;
- support Union technological capacities, capabilities and skills in relation to the resilience and reliability of the infrastructure of network and information systems, including critical infrastructure and commonly used hardware and software in the Union; and
- increase the global competitiveness of the Union’s cybersecurity industry, ensure high cybersecurity standards throughout the Union and turn cybersecurity into a competitive advantage for other Union industries.
Centre of Competence
The Centre’s aim would be to ensure closer coordination between research and innovation and the deployment of strategies at both national and EU level, and to enable Member States to take decisions on their financial contribution to joint actions.
The Competence Centre should:
- implement research and innovation actions (supported by the Horizon Europe programme) as well as capacity building actions (supported by the Digital Europe programme);
- support, together with Member States, the build-up and procurement of advanced cybersecurity equipment, tools and data infrastructure in Europe and ensure wide deployment of the latest cybersecurity solutions across the economy; to this end, the Competence Centre would also be able to facilitate the shared acquisition of capacities on behalf of Member States.
Organisation of the Centre of Competence
The Competence Centre would be based in Bucharest and would have a Governing Board composed of representatives of the Member States and the Commission, responsible for defining the general direction of the Competence Centre’s operations and should ensure that the Competence Centre carries out its tasks in accordance with this Regulation.
The Strategic Advisory Group - consisting of up to 20 members - would provide advice based on a regular dialogue between the Competence Centre and the cyber security competence community.
The European Union Agency for Cyber Security (ENISA) would be a permanent observer on the Governing Board of the Centre of Competence and may provide advice and input on the drafting of the strategy and the annual and multi-annual work programmes.
The Council position includes new articles on gender balance and on the legal personality of the Centre of Competence.
Voting rules
The Governing Board should use a consensual approach in its discussions. A vote should be held if the members of the Governing Board fail to achieve a consensus.
For certain decisions related to the implementation of the Union's budget, as well as for the annual work programme, the multi-annual work programme and the method of calculating Member States' contributions, the Commission would have 26% of the voting rights. The Governing Board would adopt its decisions by a majority of at least 75% of the votes of all its members.
National coordination centres
No later than six months after the date of entry into force of the Regulation, each Member State would designate an entity to act as its national coordination centre.
The national coordination centres would act as national contact points for the Community to assist the Competence Centre in fulfilling its mission and objectives, in particular, to coordinate the Community through coordination between its members in their Member State.
Cybersecurity Competence Community
The Community will contribute to the mission of the Competence Centre and the Network and will enhance, share and disseminate cybersecurity expertise across the EU.
The Community would be composed of collective bodies/organisations and would not include individuals. The Competence Centre and its bodies could draw on the expertise of individuals and natural persons as ad hoc experts.
The European Parliament adopted by 480 votes to 70, with 60 abstentions, a legislative resolution on the proposal for a regulation of the European Parliament and of the Council establishing the European Centre for European Cybersecurity Industrial, Technology and Research Competence Centre and Network of National Coordination Centres.
The position of the European Parliament adopted at first reading in the framework of the ordinary legislative procedure amended the Commission proposal as follows:
Parliament recalled that in 2017, 80 % of the European companies experienced at least one cyber incident making it necessary to adopt the highest standards and comprehensive cyber security solutions.
The objectives of the proposed Regulation would be to strengthen the Union's competitiveness and capabilities in cybersecurity, and to reduce its digital dependency by improving the uptake of cybersecurity products, processes and services developed within the Union.
The European Competence Centre and the network of national coordination centres established by the Regulation shall contribute to overall resilience and awareness of cyber security threats in the Union, taking into account the implications for society.
Members clarified the missions and tasks of the Competence Centre, including:
develop the technological, industrial, societal, societal, academic and research skills and expertise in cybersecurity necessary to secure its digital single market and strengthen data protection for EU citizens, businesses and public administrations; contribute to increasing the resilience and reliability of network and information systems infrastructure, including the Internet and other infrastructures critical to the functioning of society, such as transport, health and banking systems; develop the cybersecurity technological, industrial, societal, academic and research expertise capacities and capabilities; raise the awareness for cybersecurity threats, and related societal and ethical implications and concerns and reduce the skills gap in cybersecurity in the Union; develop European leadership in cybersecurity and ensure the highest cybersecurity standards throughout the Union; reinforce the trust of citizens, consumers and businesses in the digital world; provide financial support and technical assistance to start-ups, SMEs, microenterprises, associations, individual experts and civil technology projects in the field of cybersecurity; finance software security code controls and related improvements in free and open source software projects commonly used for infrastructure, products and processes; facilitate the sharing of cybersecurity knowledge and technical assistance among others to civil society, industry and public authorities, as well as to the academic and research communities; promote "safety by design" as a principle in the process of developing, maintaining, operating and updating infrastructure, products and services, in particular by supporting the latest safe development methods, appropriate safety tests and safety audits; ensure respect for fundamental rights and ethical behaviour in cybersecurity research projects supported by the Competence Centre; monitor reports of vulnerabilities discovered by the Community and facilitating the disclosure of vulnerabilities, the development of patches, fixes and solutions; support research in the field of cybercrime and the development of products and processes that can be freely studied, shared and developed; provide specific support to SMEs by facilitating their tailor-made access to knowledge and training; enhance cooperation between the civil and defence spheres with regard to dual use technologies and applications in cybersecurity, by carrying out the following tasks, which shall be reactive and defensive cyber defence technology; contribute to the Union's efforts to strengthen international cooperation on cybersecurity.
National Coordination Centres
A National Coordination Centre shall be set up in each Member State.
The relationship between the Competence Centre and the national coordination centres shall be based on a standard contractual agreement signed between the Competence Centre and each of the national coordination centres.
National Centres shall cooperate closely with national standards bodies to promote the adoption of existing standards and to involve all relevant stakeholders, in particular SMEs, in the development of new standards. They shall also serve as a one-stop shop for products and processes funded by other EU programmes and provide a minimum common curriculum on cybersecurity.
Cybersecurity Competence Community
The Cybersecurity Competence Community contributes to the mission of the Competence Centre and disseminates cybersecurity expertise across the Union.
The Competence Community shall include civil society, industry, both on the demand and supply side, including SMEs, academia and science, user associations, individual experts, relevant European standards bodies and other associations, as well as public entities and other entities dealing with operational and technical issues in the field of cybersecurity.
Governing structure
The Governing Board shall be composed of one representative from each Member State, one representative appointed by the European Parliament as an observer, and four representatives of the Commission, on behalf of the Union, and shall aim to achieve gender balance between the members of the Governing Board and their alternates.
The Centre and its bodies shall ensure that conflicts of interest are not only identified, but are resolved and addressed in a transparent and accountable manner. Member States shall ensure that the same applies to national coordination centres.
The Industry and Scientific Advisory Committee, composed of a maximum of 25 members, would regularly advise the Competence Centre on the execution of its activities.
Financial contribution of the Union
This shall amount to EUR 1 780 954 875 at 2018 prices (EUR 1 998 696 000 in current prices) from the Digital Europe programme , including up to EUR 21 385 465 at 2018 prices (EUR 23 746 000 in current prices) for administrative costs. It shall also include an amount from the European Defence Fund for the defence-related actions of the Competence Centre.
The European Parliament adopted by 489 votes to 73, with 56 abstentions, amendments to the proposal for a regulation of the European Parliament and of the Council establishing the European Centre for European Cybersecurity Industrial, Technology and Research Competence Centre and Network of National Coordination Centres.
The matter was referred to the committee responsible for interinstitutional negotiations.
The main amendments adopted in plenary concern the following points:
Objectives and missions of the Competence Centre
Parliament recalled that in 2017, 80 % of the European companies experienced at least one cyber incident making it necessary to adopt the highest standards and comprehensive cyber security solutions by mobilising people, products, processes and technology at European level.
The European Competence Centre and the network of national coordination centres established by the Regulation shall contribute to overall resilience and awareness of cyber security threats in the Union, taking into account the implications for society.
Members clarified the missions and tasks of the Competence Centre, including:
contribute to increasing the resilience and reliability of network and information systems infrastructure, including the Internet and other infrastructures critical to the functioning of society, such as transport, health and banking systems; develop the cybersecurity technological, industrial, societal, academic and research expertise capacities and capabilities; raise the awareness for cybersecurity threats, and related societal and ethical implications and concerns and reduce the skills gap in cybersecurity in the Union; develop European leadership in cybersecurity and ensure the highest cybersecurity standards throughout the Union; strengthen Union competitiveness and capacities while reducing its digital dependence by increasing the uptake of cybersecurity products, processes and services developed within the Union; reinforce the trust of citizens, consumers and businesses in the digital world; provide financial support and technical assistance to start-ups, SMEs, microenterprises, associations, individual experts and civil technology projects in the field of cybersecurity; finance software security code controls and related improvements in free and open source software projects commonly used for infrastructure, products and processes; facilitate the sharing of cybersecurity knowledge and technical assistance among others to civil society, industry and public authorities, as well as to the academic and research communities; promote "safety by design" as a principle in the process of developing, maintaining, operating and updating infrastructure, products and services, in particular by supporting the latest safe development methods, appropriate safety tests and safety audits; ensure respect for fundamental rights and ethical behaviour in cybersecurity research projects supported by the Competence Centre; monitor reports of vulnerabilities discovered by the Community and facilitating the disclosure of vulnerabilities, the development of patches, fixes and solutions; support research in the field of cybercrime and the development of products and processes that can be freely studied, shared and developed; enhance cooperation between the civil and defence spheres with regard to dual use technologies and applications in cybersecurity, by carrying out the following tasks, which shall be reactive and defensive cyber defence technology; contribute to the Union's efforts to strengthen international cooperation on cybersecurity.
National Coordination Centres
A National Coordination Centre shall be set up in each Member State.
The relationship between the Competence Centre and the national coordination centres shall be based on a standard contractual agreement signed between the Competence Centre and each of the national coordination centres.
National Centres shall cooperate closely with national standards bodies to promote the adoption of existing standards and to involve all relevant stakeholders, in particular SMEs, in the development of new standards. They shall also serve as a one-stop shop for products and processes funded by other EU programmes and provide a minimum common curriculum on cybersecurity.
Cybersecurity Competence Community
The Cybersecurity Competence Community contributes to the mission of the Competence Centre and disseminates cybersecurity expertise across the Union.
The Competence Community shall include civil society, industry, both on the demand and supply side, including SMEs, academia and science, user associations, individual experts, relevant European standards bodies and other associations, as well as public entities and other entities dealing with operational and technical issues in the field of cybersecurity.
Governing structure
The Governing Board shall be composed of one representative from each Member State, one representative appointed by the European Parliament as an observer, and four representatives of the Commission, on behalf of the Union, and shall aim to achieve gender balance between the members of the Governing Board and their alternates.
The Centre and its bodies shall ensure that conflicts of interest are not only identified, but are resolved and addressed in a transparent and accountable manner. Member States shall ensure that the same applies to national coordination centres.
The Industry and Scientific Advisory Committee, composed of a maximum of 25 members, would regularly advise the Competence Centre on the execution of its activities.
Financial contribution of the Union
This shall amount to EUR 1 780 954 875 at 2018 prices (EUR 1 998 696 000 in current prices) from the Digital Europe programme , including up to EUR 21 385 465 at 2018 prices (EUR 23 746 000 in current prices) for administrative costs. It shall also include an amount from the European Defence Fund for the defence-related actions of the Competence Centre.
The Committee on Industry, Research and Energy adopted the report by Julia REDA (Greens/EFA, DE) on the proposal for a regulation of the European Parliament and of the Council establishing the European Centre for Industrial, Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres.
The committee recommended that the European Parliament's position adopted at first reading under the ordinary legislative procedure should amend the Commission's proposal as follows:
Objectives and missions of the Competence Centre
The European Cybersecurity Industrial, Technology and Research Competence Centre should help increase the resilience and reliability of the infrastructure of network and information systems, including the internet and other critical infrastructure for the functioning of society such as transport, health, and banking systems.
Members clarified the missions and tasks of the Competence Centre, including:
contribute to increasing the resilience and reliability of network and information systems infrastructure, including the Internet and other infrastructures critical to the functioning of society, such as transport, health and banking systems; raise the awareness for cybersecurity threats, and related societal and ethical implications and concerns and reduce the skills gap in cybersecurity in the Union; develop European leadership in cybersecurity and ensure the highest cybersecurity standards throughout the Union; strengthen Union competitiveness and capacities while reducing its digital dependence by increasing the uptake of cybersecurity products, processes and services developed within the Union; reinforce the trust of citizens, consumers and businesses in the digital world; provide financial support and technical assistance to start-ups, SMEs, microenterprises, associations, individual experts and civil technology projects in the field of cybersecurity; finance software security code controls and related improvements in free and open source software projects commonly used for infrastructure, products and processes; facilitate the sharing of cybersecurity knowledge and technical assistance among others to civil society, industry and public authorities, as well as to the academic and research communities; promote "safety by design" as a principle in the process of developing, maintaining, operating and updating infrastructure, products and services, in particular by supporting the latest safe development methods, appropriate safety tests and safety audits; ensure respect for fundamental rights and ethical behaviour in cybersecurity research projects supported by the Competence Centre; monitor reports of vulnerabilities discovered by the Community and facilitating the disclosure of vulnerabilities, the development of patches, fixes and solutions; support research in the field of cybercrime and the development of products and processes that can be freely studied, shared and developed; contribute to the Union's efforts to strengthen international cooperation on cybersecurity.
National Coordination Centres
A National Coordination Centre shall be set up in each Member State.
The relationship between the Competence Centre and the national coordination centres shall be based on a standard contractual agreement signed between the Competence Centre and each of the national coordination centres. The agreement shall consist of the same set of harmonised general conditions providing the rules governing the relationship and division of tasks between the Competence Centre and each National Coordination Centre and special conditions tailored on the particular National Coordination Centre.
National Centres shall cooperate closely with national standards bodies to promote the adoption of existing standards and to involve all relevant stakeholders, in particular SMEs, in the development of new standards. They shall also promote and disseminate a minimum common curriculum on cybersecurity.
Cybersecurity Competence Community
The Cybersecurity Competence Community contributes to the mission of the Competence Centre and disseminates cybersecurity expertise across the Union.
The Competence Community shall include civil society, industry, both on the demand and supply side, including SMEs, academia and science, user associations, individual experts, relevant European standards bodies and other associations, as well as public entities and other entities dealing with operational and technical issues in the field of cybersecurity.
Governing structure
The Governing Board shall be composed of one representative from each Member State, one representative appointed by the European Parliament as an observer, and four representatives of the Commission, on behalf of the Union, and shall aim to achieve gender balance between the members of the Governing Board and their alternates.
The Centre and its bodies shall ensure that conflicts of interest are not only identified, but are resolved and addressed in a transparent and accountable manner. Member States shall ensure that the same applies to national coordination centres.
The Industry and Scientific Advisory Committee would regularly advise the Competence Centre on the execution of its activities.
Financial contribution of the Union
This shall amount to EUR 1 780 954 875 at 2018 prices (EUR 1 998 696 000 in current prices) from the Digital Europe programme , including up to EUR 21 385 465 at 2018 prices (EUR 23 746 000 in current prices) for administrative costs. It shall also include an amount from the European Defence Fund for the defence-related actions of the Competence Centre.
The Commission staff working document presents the impact assessment accompanying the proposal for a Regulation of the European Parliament and of the Council establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres.
The European Union has already put in place a number of policy and regulatory instruments to address fast evolving cyber threats and to secure its society, economy and democracy against them.
However, at present, the EU still lacks sufficient technological and industrial capacities to autonomously secure its economy and critical infrastructures and to become a global leader in cybersecurity field. There are still problems relating to the EU's insufficient cybersecurity technological and industrial capacities.
To this end, it aims to address the following problems:
insufficient level of strategic and sustainable coordination and cooperation between industries, cybersecurity research communities and governments to shield economy, society and democracy with leading-edge European cybersecurity solutions; sub-scale investment and limited access to cybersecurity know- how, skills and facilities across Europe; few European cybersecurity research and innovation outcomes translated into marketable solutions and widely deployed across the economy.
The following options were looked at:
Option 1: Cybersecurity Competence Network with a European Cybersecurity Industrial and Research Competence Centre entity empowered to pursue measures in support of industrial technologies as well as in the domain of research and innovation. Option 2: Cybersecurity Competence Network with a European Cybersecurity Research and Competence Centre limited to research and innovation activities only.
Preferred option : t he chosen option (option 1) is the creation of a Network of Cybersecurity Competence Centres with a European Cybersecurity Industrial, Technological and Research Competence Centre empowered to take action in favour of industrial technologies as well as in the field of research and innovation. According to the Commission, it represents the best instrument capable to implement the goals of the initiative while offering the highest economic, societal, and environmental impact and safeguarding the Union’s interests.
The main arguments in favour of setting the European Cybersecurity Industrial and Research Competence Centre supporting the Network as an EU entity based on art. 173 and 187 TFEU (autonomous EU legal entity, with its own budget, staff, structure, rules and governance) are:
it ensures flexibility to allow different cooperation models with the network of competence centres to optimise the use of existing knowledge and resources including financial tools and other incentives supporting members of the network; it provides a visible legal, contractual and organisational common framework to structure the joint commitments of the public and private stakeholders coming from all relevant sectors, including defence; it allows for the creation of a real cybersecurity industrial policy by supporting activities related not only to research and development but also to market deployment activities; it can act as an implementation mechanism for different EU cybersecurity funding streams under the next Multi-annual financial framework (Digital Europe Programme, Horizon Europe) and enhance synergies between the civilian and defence dimensions of cybersecurity in relation to the European Defence Fund.
The Commission staff working document summarises the impact assessment accompanying the proposal for a Regulation of the European Parliament and of the Council establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres.
To this end, it aims to address the following problems:
· insufficient level of strategic and sustainable coordination and cooperation between industries, cybersecurity research communities and governments to shield economy, society and democracy with leading-edge European cybersecurity solutions;
· sub-scale investment and limited access to cybersecurity know- how, skills and facilities across Europe;
· few European cybersecurity research and innovation outcomes translated into marketable solutions and widely deployed across the economy.
Solutions : a number of policy options have been considered, both legislative and non-legislative.
The option chosen is the creation of a Network of Cybersecurity Competence Centres with a European Cybersecurity Industrial, Technological and Research Competence Centre empowered to take action in favour of industrial technologies as well as in the field of research and innovation.
The creation of the Competence Centre would be based on a dual legal basis due to its nature and specific objectives, namely Articles 187 and 173 TFEU .
The analysis showed that this option is the most appropriate to achieve the goals of the initiative, while ensuring the best economic, societal and environmental benefits and safeguarding the best interests of the Union.
The initiative would add value to current national efforts:
by helping to create an inter-connected, Europe-wide cybersecurity industrial and research ecosystem ; by encouraging better cooperation between relevant stakeholders (including between cybersecurity civilian and defence sectors) to make the best use of existing cybersecurity resources and expertise spread across Europe.
Impacts of the preferred option : the expected benefits would be as follows:
the possibility for public authorities and industries across Member States to more effectively prevent and respond to cyber threats by offering and equipping itself with more secure products and solutions. This is in particular relevant for the protection of access to essential services (e.g. transport, health, banking and financial services); the creation of a mechanism capable of building Member States' and Union's cybersecurity industrial capacities and effectively translating European scientific excellence into marketable solutions that could be deployed across the economy; pooling resources to invest in the necessary capacities at Member State level and develop common European assets while achieving economies of scale; the possibility for SMEs , industries and researchers to have increased access to infrastructure; the reduction of the costs of designing new products for SMEs and open up opportunities in terms of costs reduction for the design of new products and it will help them gain easier access to the investors' community and attract the necessary funding to deploy marketable solutions; allowing defence and civilian communities to work together on shared challenges; improving coherence and synergies between different funding mechanism; an indirect positive impact on the environment could be achieved through developing specific cybersecurity solutions for sectors having potentially huge environmental impact (e.g. nuclear power plants).
This initiative has a clear positive impact as it is likely to substantially increase Member States' capacities to autonomously secure their economies, including protecting the critical sectors, increasing competitiveness of European cybersecurity businesses as well as industries across different sectors. This should ultimately allow the EU to become a leader in the next-generation digital and cybersecurity technologies.
PURPOSE: to pool resources and expertise in the field of cybersecurity technologies.
PROPOSED ACT: Regulation of the European Parliament and of the Council.
ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council.
BACKGROUND: cybersecurity is an issue of common interest of the Union . Future security depends, among others, on enhancing technological and industrial ability to protect the Union against cyber threats, as both civilian infrastructure and military capacities rely on secure digital systems.
Following the 2013 cybersecurity strategy , the Union has continued to increase its activities to meet the growing challenges of cybersecurity:
in 2016, the Union adopted its first measures in the area of cybersecurity through Directive (EU) 2016/1148 of the European Parliament and of the Council on security of network and information systems; the creation in 2016 of the Public-Private Partnership (‘cPPP’) on cybersecurity in the Union was a solid first step bringing together the research, industry and public sector communities to facilitate research and innovation in cybersecurity and within the limits of the 2014-2020 financial framework should result in good, more focused outcomes in research and innovation. It will have triggered up to EUR 1.8 billion of investment by 2020; in September 2017, the Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented a joint Communication on ‘Resilience, Deterrence and Defence: Building strong cybersecurity for the EU’ to further reinforce the Union’s resilience, deterrence and response to cyber-attacks; at the Tallinn Digital Summit in September 2017, Heads of State and Government called on the Union to become a global leader in the field of cybersecurity by 2025.
With more than 660 cyber security competence centres throughout the EU, the EU already has considerable expertise in this area. However, the efforts of the research and industry communities are fragmented, lacking alignment and a common mission, which hinders the EU's competitiveness in this field.
The Commission considers that t hese efforts and expertise need to be pooled , networked and used in an efficient manner to reinforce and complement existing research, technology and industrial capacities at Union and national levels.
IMPACT ASSESSMENT: among the main arguments in favour of the selected option were:
the ability to create a real cybersecurity industrial policy by supporting activities related not only to research and development but also to market deployment; the flexibility to allow different cooperation models with the community and the network of competence centres to optimise the use of existing knowledge and resources; the ability to structure cooperation of the public and private stakeholders coming from all relevant sectors, including defence.
CONTENT: this Regulation proposes to establish the European Cybersecurity Industrial, Technology and Research Competence Centre , as well as the Network of National Coordination Centres , and lays down rules for the nomination of National Coordination Centres as well as for the establishment of the Cybersecurity Competence Community.
The Competence Centre : its role would be to facilitate the work of the Network of National Coordination Centres and to enhance the cybersecurity competences, by driving the cybersecurity technological agenda and facilitating access to the expertise so gathered.
To this end, it would coordinate the use of cybersecurity funds under the EU's next long-term budget for the period 2021-2027 under the Digital Europe Programme and the Horizon Europe Programme . Its objectives would be:
· to enhance cybersecurity capabilities, knowledge and infrastructures at the service of industries, the public sector and research communities;
· to contribute to the wide deployment of the latest cyber security products and solutions across the economy;
· to improve the understanding of cybersecurity and contribute to reducing skills gaps in the Union related to cybersecurity;
· to contribute to the reinforcement of cybersecurity research and development in the Union;
· to enhance synergies between the civilian and defence dimensions of cybersecurity.
The Competence Centre would be set up as a European partnership to facilitate joint investment by the Union, Member States and/or industry. Therefore, the proposal requires Member States to contribute a commensurate amount to the actions of the Competence Centre and Network. The principal decision-making body is the Governing Board, in which all Member States take part but only those Member States which participate financially have voting rights.
The Network of National Coordination Centres : each Member State would nominate a national coordination centre to lead the Network, which would focus on developing new and expanded cybersecurity capabilities and expertise. The Network would identify and support the most relevant cybersecurity projects in Member States.
The Cybersecurity Competences Community : this would contribute to the mission of the Competence Centre by enhancing and disseminating cybersecurity expertise throughout the Union. It would involve a large and diverse group of actors involved in the development of cybersecurity technologies, such as research organisations, supply and demand side industries and the public sector.
BUDGETARY IMPLICATIONS: the Union's contribution to the Competence Centre to cover administrative and operating costs includes the following elements:
EUR 1 981 668 000 from the Digital Europe Programme, of which up to EUR 23 746 000 for administrative costs; EUR 2.8 billion from the Horizon Europe programme, including for administrative costs; this contribution will be proposed by the Commission during the legislative process and, in any case, before a political agreement is reached.
Documents
- Final act published in Official Journal: Regulation 2021/887
- Final act published in Official Journal: OJ L 202 08.06.2021, p. 0001
- Draft final act: 00028/2021/LEX
- Debate in Parliament: Debate in Parliament
- Decision by Parliament, 2nd reading: T9-0246/2021
- Committee recommendation tabled for plenary, 2nd reading: A9-0166/2021
- Committee recommendation tabled for plenary, 2nd reading: A9-0166/2021
- Commission communication on Council's position: COM(2021)0225
- Commission communication on Council's position: EUR-Lex
- Council position published: 05628/2/2021
- Committee draft report: PE689.669
- Committee letter confirming interinstitutional agreement: PE662.120
- Approval in committee of the text agreed at early 2nd reading interinstitutional negotiations: PE662.120
- Commission response to text adopted in plenary: SP(2019)440
- Decision by Parliament, 1st reading: T8-0419/2019
- Results of vote in Parliament: Results of vote in Parliament
- Decision by Parliament, 1st reading: T8-0189/2019
- Debate in Parliament: Debate in Parliament
- Committee report tabled for plenary, 1st reading: A8-0084/2019
- Committee opinion: PE630.409
- Economic and Social Committee: opinion, report: CES4805/2018
- Amendments tabled in committee: PE632.973
- Economic and Social Committee: opinion, report: CES5208/2018
- Committee draft report: PE631.940
- Contribution: COM(2018)0630
- Contribution: COM(2018)0630
- Contribution: COM(2018)0630
- Document attached to the procedure: EUR-Lex
- Document attached to the procedure: SWD(2018)0403
- Document attached to the procedure: EUR-Lex
- Document attached to the procedure: SWD(2018)0404
- Legislative proposal published: COM(2018)0630
- Legislative proposal published: EUR-Lex
- Document attached to the procedure: EUR-Lex SWD(2018)0403
- Document attached to the procedure: EUR-Lex SWD(2018)0404
- Committee draft report: PE631.940
- Economic and Social Committee: opinion, report: CES5208/2018
- Amendments tabled in committee: PE632.973
- Economic and Social Committee: opinion, report: CES4805/2018
- Committee opinion: PE630.409
- Commission response to text adopted in plenary: SP(2019)440
- Committee letter confirming interinstitutional agreement: PE662.120
- Committee draft report: PE689.669
- Commission communication on Council's position: COM(2021)0225 EUR-Lex
- Committee recommendation tabled for plenary, 2nd reading: A9-0166/2021
- Draft final act: 00028/2021/LEX
- Contribution: COM(2018)0630
- Contribution: COM(2018)0630
- Contribution: COM(2018)0630
Activities
Amendments | Dossier |
198 |
2018/0328(COD)
2018/12/13
IMCO
198 amendments...
Amendment 100 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point a (a) having regard to the state-of-the-art cybersecurity industrial and research infrastructures and related services , acquiring, upgrading, operating and making available such infrastructures and related services in a fair, open and transparent way to a wide range of users across the Union from industry including SMEs, the public sector and the research and scientific community;
Amendment 101 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point a a (new) (a a) facilitating access to facilities and related services other than its own to a wide range of users and stakeholders, where these are made available;
Amendment 102 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point b (b)
Amendment 103 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point b (b) having regard to the state-of-the-art cybersecurity industrial and research infrastructures and related services, providing support to other entities, including financially, to acquiring, upgrading, operating and making available such infrastructures and related services to a wide range of users across the Union from industry
Amendment 104 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point b a (new) (b a) providing financial support and technical assistance to cybersecurity start- ups, SMEs, micro-enterprises, individual experts; to Free and Open Source Software projects, commonly used for infrastructure, products and processes; and to civic tech projects;
Amendment 105 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point b b (new) (b b) providing software security code audits and improvements for Free and Open Source Software projects, commonly used for infrastructure, products and processes;
Amendment 106 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point c (c)
Amendment 107 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point c (c) providing cybersecurity knowledge and technical assistance to industry, in particular SMEs, the manufacturing and traditional sectors, and public authorities, in particular by supporting actions aimed at facilitating access to the expertise available in the Network and the Cybersecurity Competence Community;
Amendment 108 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point c a (new) (c a) promoting “security by design” as principle in the process of developing, maintaining, operating, and updating infrastructures, products and services; in particular by supporting state-of-the-art secure development methods, adequate security testing, security audits; including the commitment of producer or provider to make available updates remedying new vulnerabilities or threats, without delay, and beyond the estimated product lifetime, or enabling a third party to create and provide such updates;
Amendment 109 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point c b (new) (c b) promoting the development of source code contribution policies, in particular where Free and Open Source Software projects are used, modified, and enhanced in public authorities; and especially where the Free and Open Source Software is commonly used for infrastructure, products and processes;
Amendment 110 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – introductory part 4. contribute to the wide deployment of state-of-the-art cyber security products and solutions across the economy, by carrying out the following tasks, in accordance with the principles of equal treatment and no discrimination of Directive 2014/24/EU:
Amendment 111 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – introductory part 4. contribute to the wide deployment of state-of-the-art internationally recognized cyber security products and solutions across the economy, by carrying out the following tasks:
Amendment 112 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – introductory part 4. contribute to the wide deployment of state-of-the-art and sustainable cyber
Amendment 113 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – introductory part 4. contribute dynamically to the wide deployment of state-of-the-art cyber security products and solutions across the economy, by carrying out the following tasks:
Amendment 114 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point a (a) stimulating cybersecurity research, development and the uptake of Union cybersecurity products and solutions, including by public authorities and
Amendment 115 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point a a (new) (a a) supporting cybersecurity research in the field of cyberespionage and IP theft, including through the development of new technologies aimed at blocking transactions involving the purchase of counterfeit goods.
Amendment 116 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point b (b) assisting public authorities, demand side industries and other users in adopting and integrating
Amendment 117 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point c (c) supporting in particular public authorities in organising their public procurement, or carrying out procurement of state-of-the-art cybersecurity products and solutions on behalf of public authorities, including by providing support for sustainable procurement;
Amendment 118 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point c (c)
Amendment 119 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point d (d) providing financial support and technical assistance to cybersecurity start- ups
Amendment 120 #
Proposal for a regulation Article 4 – paragraph 1 – point 4 – point d a (new) (d a) Stimulating the uptake of cybersecurity certification in line with Regulation of the European Parliament and of the Council on ENISA, the "EU Cybersecurity Agency", and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification (''Cybersecurity Act'') COM/2017/0477 final - 2017/0225 (COD).
Amendment 121 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – introductory part 5. improve the understanding of cybersecurity
Amendment 122 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – introductory part 5. improve the understanding of cybersecurity, also of private individuals, and contribute to reducing skills gaps in the Union related to cybersecurity by carrying out the following tasks:
Amendment 123 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – point -a (new) (-a) raising awareness for the infrastructure-relevance of some commonly used Free and Open Source Software projects, products and processes in coordination with relevant Union agencies and bodies including ENISA, as well as the Network and the Community;
Amendment 124 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – point a (a) supporting further development of cybersecurity
Amendment 125 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – point a (a) supporting further development of cybersecurity skills
Amendment 126 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 – point a a (new) (a a) Ensuring the Competence Centre links to existing work on standardisation, including research into the effects on cybersecurity of existing international standards and any associated certification and/or promotion schemes.
Amendment 127 #
Proposal for a regulation Article 4 – paragraph 1 – point 5 a (new) 5 a. Supporting alignment and high quality in cybersecurity education and professional training.
Amendment 128 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point a (a) providing financial support to cybersecurity research efforts based on a common, continuously evaluated and improved multiannual strategic, industrial, technology and research
Amendment 129 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point b (b) supporting large-scale research and demonstration projects in next generation cybersecurity technological capabilities, in collaboration with the industry
Amendment 130 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point c (c) supporting research and innovation for formal and non-formal standardisation in cybersecurity
Amendment 131 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point c (c) support research and innovation for standardisation in cybersecurity technology, where appropriate aligning with relevant EU agencies and bodies including ENISA;
Amendment 132 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point c – point i (new) (i) develop the tools and technologies needed to address constantly evolving threats;
Amendment 133 #
Proposal for a regulation Article 4 – paragraph 1 – point 6 – point c a (new) (c a) supporting the development of independent products and processes that can be freely studied, shared, and built upon, in close cooperation with the industry, the Network and the Community.
Amendment 134 #
Proposal for a regulation Article 4 – paragraph 1 – point 7 Amendment 135 #
Proposal for a regulation Article 4 – paragraph 1 – point 7 – point b (b) contributing to cooperation between Member States by supporting education, training
Amendment 136 #
Proposal for a regulation Article 4 – paragraph 1 – point 7 – point c (c) bringing together stakeholders, to foster synergies between civil and defence cyber security research and markets, where appropriate aligning activities with relevant EU agencies and bodies including ENISA;
Amendment 137 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 Amendment 138 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 – introductory part 8. enhance synergies between the civil and defence dimensions of cybersecurity, while generally maintaining its constitutionally or legally required division, in relation to the European Defence Fund by carrying out the following tasks:
Amendment 139 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 – point a (a)
Amendment 140 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 – point b (b) managing multinational and cross boarder cyber defence projects, when requested by Member States, and thus acting as a project manager within the meaning of Regulation XXX [Regulation establishing the European Defence Fund].
Amendment 141 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 a (new) 8 a. contribute to the Union’s efforts to enhance cooperation with regard to cybersecurity by: (a) facilitating the participation of the Network and the Community in international conferences; (b) facilitating the contribution of the Network and the Community to standardisation organisations; (c) cooperating with third countries and international organisations within relevant international cooperation frameworks; (d) facilitating the participation of the Governing Board in international governmental organisations; (e) assisting and providing advice to the Commission with regard to the implementation of Regulation (EU) 2019/XXX [recast of Regulation (EC) No 428/2009 as proposed by COM(2016)616]27a; _________________ 27a Regulation (EU) 2019/XXX of the European Parliament and the Council of ... setting up a Community regime for the control of exports, transfer, brokering and transit of dual-use items, and EU restrictive measures in force, in particular as regards the export of cybersurveillance and intrusion technology (OJ L ..., ..., p. ...).
Amendment 142 #
Proposal for a regulation Article 4 – paragraph 1 – point 8 b (new) 8 b. contributing to the fundamental rights and ethics assessment of cybersecurity research funded by the Competence Centre.
Amendment 143 #
Proposal for a regulation Article 5 – paragraph 1 – point a a (new) (a a) ensure that as a result of Union contribution, access is open by default and re-use is possible;
Amendment 144 #
Proposal for a regulation Article 5 – paragraph 1 – point b (b) additional rules governing access to and use of an infrastructure or capability.
Amendment 145 #
Proposal for a regulation Article 5 – paragraph 2 2. The Competence Centre may be responsible for the overall execution of relevant joint procurement actions including pre-commercial procurements on behalf of members of the Network
Amendment 146 #
Proposal for a regulation Article 6 – paragraph 1 1. By
Amendment 147 #
Proposal for a regulation Article 6 – paragraph 4 4. The nominated National Coordination Centre shall have the capability to support the Competence Centre and the Network in fulfilling their mission laid out in Article 3 of this Regulation. They shall possess or have direct access to technological expertise in cybersecurity and be in a position to effectively engage and coordinate with industry, the public sector and the academic and research community. The Commission shall issue guidelines further detailing the assessment procedure and explaining the application of the criteria.
Amendment 148 #
Proposal for a regulation Article 6 – paragraph 5 5. The relationship between the Competence Centre and the National Coordination Centres shall be based on a contractual agreement signed between the Competence Centre and each of the National Coordination Centres. The agreement shall
Amendment 149 #
Proposal for a regulation Article 7 – paragraph 1 – point a (a) supporting the Competence Centre in achieving its objectives and in particular in establishing and coordinating the Cybersecurity Competence Community;
Amendment 150 #
Proposal for a regulation Article 7 – paragraph 1 – point b (b) promoting, encouraging and facilitating the participation of
Amendment 151 #
Proposal for a regulation Article 7 – paragraph 1 – point b (b)
Amendment 152 #
Proposal for a regulation Article 7 – paragraph 1 – point b (b)
Amendment 153 #
Proposal for a regulation Article 7 – paragraph 1 – point c (c) contributing, together with the Competence Centre, to identifying and addressing sector-specific cyber security industrial challenges, including state- sponsored cyberespionage;
Amendment 154 #
Proposal for a regulation Article 7 – paragraph 1 – point c (c) contributing, together with the Competence Centre, to identifying and addressing sector-specific cyber
Amendment 155 #
Proposal for a regulation Article 7 – paragraph 1 – point c a (new) (c a) cooperating closely with National Standardisation Organisations to ensure the uptake of existing standards and to involve all relevant stakeholders, particularly SMEs, in setting new standards;
Amendment 156 #
Proposal for a regulation Article 7 – paragraph 1 – point e (e) seeking to establish synergies with relevant activities at the national and regional level in order to achieve the goal of Union security;
Amendment 157 #
Proposal for a regulation Article 7 – paragraph 1 – point e (e) seeking to establish synergies with relevant activities at the national
Amendment 158 #
Proposal for a regulation Article 7 – paragraph 1 – point f a (new) (f a) promoting and disseminating a common minimal cybersecurity educational curricula in cooperation with the relevant bodies in the Member States;
Amendment 159 #
Proposal for a regulation Article 7 – paragraph 1 – point g (g) promoting and disseminating the relevant outcomes of the work by the Network, the Cybersecurity Competence Community and the Competence Centre at national
Amendment 160 #
Proposal for a regulation Article 7 – paragraph 1 – point g (g) promoting and disseminating the relevant outcomes of the work by the Network, the Cybersecurity Competence Community and the Competence Centre at national
Amendment 161 #
Proposal for a regulation Article 7 – paragraph 1 – point h (h) assessing requests by entities and individuals established in the same Member State as the Coordination Centre for becoming part of the Cybersecurity Competence Community.
Amendment 162 #
Proposal for a regulation Article 7 – paragraph 1 – point h – point i (new) i) promoting awareness campaigns, notably for SMEs and together with the Competence Centre provide the necessary cybersecurity skills and solutions;
Amendment 163 #
Proposal for a regulation Article 8 – paragraph 1 1. The Cybersecurity Competence Community
Amendment 164 #
Proposal for a regulation Article 8 – paragraph 2 2. The Cybersecurity Competence Community shall consist of industry, including SMEs and associations of SMEs, the European Standardisation Organisations, associations of users, academic and non-profit research organisations, and associations operating at national or at European level, as well as public entities and other entities dealing with operational and technical matters. It shall bring together the main stakeholders with regard to cybersecurity technological and industrial capacities in the Union. It shall involve National Coordination Centres as well as Union institutions and bodies with relevant expertise.
Amendment 165 #
Proposal for a regulation Article 8 – paragraph 2 2. The Cybersecurity Competence Community shall consist of civil society, industry, academic and
Amendment 166 #
Proposal for a regulation Article 8 – paragraph 2 2. The Cybersecurity Competence Community shall consist of industry, SMEs, academic and non-profit research organisations, and associations as well as public entities and other entities dealing with operational and technical matters. It shall bring together the
Amendment 167 #
Proposal for a regulation Article 8 – paragraph 2 2. The Cybersecurity Competence Community shall consist of industry, academic and non-profit research organisations, and associations as well as public entities and other entities dealing with operational and technical matters. It shall bring together the main stakeholders with regard to cybersecurity, technological
Amendment 168 #
Proposal for a regulation Article 8 – paragraph 3 – introductory part 3. Only entities which are established, and individuals resident within the Union may be accredited as members of the Cybersecurity Competence Community. The
Amendment 169 #
Proposal for a regulation Article 8 – paragraph 3 – point a (a) academia or research;
Amendment 171 #
Proposal for a regulation Article 8 – paragraph 3 – point b a (new) (b a) professional services or the deployment thereof;
Amendment 172 #
Proposal for a regulation Article 8 – paragraph 3 – point b b (new) (b b) formal and technical standardisation and specifications;
Amendment 173 #
Proposal for a regulation Article 8 – paragraph 4 4. The Competence Centre shall accredit entities established under national law, or individuals, as members of the Cybersecurity Competence Community after an assessment made by the National Coordination Centre of the Member State where the entity is established, or the individual is a resident, on whether that entity or individual meets the criteria provided for in paragraph 3. An accreditation shall not be limited in time but may be revoked by the Competence Centre at any time if it or the relevant National Coordination Centre considers that the entity does not fulfil the criteria set out in paragraph 3 or it falls under the relevant provisions set out in Article 136 of Regulation XXX [new financial regulation]. The National Coordination Centres of the Member States shall aim to achieve a balanced representation of stakeholders in the Community, actively stimulating participation from under- represented categories and groups of individuals.
Amendment 174 #
Proposal for a regulation Article 8 – paragraph 4 a (new) 4 a. The Commission may, by means of a delegated act in accordance with Article -45, further specify the criteria provided for in paragraph 3 and the procedures for assessing and accrediting entities that meet those criteria.
Amendment 175 #
Proposal for a regulation Article 9 – paragraph 1 – point 5 a (new) (5 a) encourage Community members that are manufacturers and service providers to certify their products and services under certification schemes adopted under the Cybersecurity Act.
Amendment 176 #
Proposal for a regulation Article 10 – paragraph 1 1. The Competence Centre shall cooperate with relevant Union institutions, bodies, offices and agencies including the European Union Agency for Network and Information Security (ENISA), the Computer Emergency Response Team (CERT-EU),
Amendment 177 #
Proposal for a regulation Article 10 – paragraph 2 2. Such cooperation shall take place within the framework of working arrangements. Those arrangements shall be
Amendment 178 #
Proposal for a regulation Article 12 – paragraph 1 1. The Governing Board shall be composed of one representative of each Member State,
Amendment 179 #
Proposal for a regulation Article 12 – paragraph 1 1. The Governing Board shall be composed of one representative of each Member State, five representatives from the European Parliament, and five representatives of
Amendment 180 #
Proposal for a regulation Article 12 – paragraph 3 3. Members of the Governing Board and their alternates shall be appointed in light of their knowledge in the field of
Amendment 181 #
Proposal for a regulation Article 12 – paragraph 3 3. Members of the Governing Board and their alternates shall be appointed in light of their knowledge in the field of
Amendment 182 #
Proposal for a regulation Article 12 – paragraph 6 6. The
Amendment 183 #
Proposal for a regulation Article 12 – paragraph 6 6. The
Amendment 184 #
Proposal for a regulation Article 12 – paragraph 7 7. The European Agency for Network and Information Security (ENISA) shall
Amendment 185 #
Proposal for a regulation Article 13 – paragraph 3 – point e a (new) (e a) adopt the working arrangements referred to in Article 10(2);
Amendment 186 #
Proposal for a regulation Article 13 – paragraph 3 – point l (l) promote the cooperation of the Competence Centre with global
Amendment 187 #
Proposal for a regulation Article 16 – paragraph 1 1. The Executive Director shall be a person with vast expertise, in- depth knowledge and high good reputation in the areas where the Competence Centre operates.
Amendment 188 #
Proposal for a regulation Article 16 – paragraph 3 3. The Executive Director shall be appointed by the Governing Board from a list of candidates proposed by the Commission, following an open and transparent selection procedure, while respecting the gender equality principle.
Amendment 189 #
Proposal for a regulation Article 16 – paragraph 3 3. The Executive Director shall be appointed by the Governing Board from a list of candidates proposed by the Commission, following an open
Amendment 190 #
Proposal for a regulation Article 16 – paragraph 3 a (new) 3 a. Before appointment, the candidate selected by the Governing Board shall make a statement before the relevant committee of the European Parliament and answer Members’ questions when invited to do so.
Amendment 191 #
Proposal for a regulation Article 16 – paragraph 5 5. The term of office of the Executive Director shall be f
Amendment 192 #
Proposal for a regulation Article 16 – paragraph 6 6. The Governing Board may,
Amendment 193 #
Proposal for a regulation Article 16 – paragraph 8 8. The Executive Director shall be removed from office only by decision of the Governing Board, acting on its own initiative or on a proposal from the Commission.
Amendment 194 #
Proposal for a regulation Article 17 – paragraph 2 – point h (h) prepare an action plan following-up on the conclusions of the retrospective evaluations and reporting on progress every two years to the Commission and the European Parliament;
Amendment 195 #
Proposal for a regulation Article 17 – paragraph 2 – point h (h) prepare an action plan following-up on the conclusions of the retrospective evaluations and reporting on progress every two years to the Commission and the European Parliament
Amendment 196 #
Proposal for a regulation Article 17 – paragraph 2 – point s (s) prepare an action plan following-up conclusions of internal or external audit reports, as well as investigations by the European Anti-Fraud Office (OLAF) and reporting on progress twice a year to the Commission and the European Parliament and regularly to the Governing Board;
Amendment 197 #
Proposal for a regulation Article 17 – paragraph 2 – point s (s) prepare an action plan following-up conclusions of internal or external audit reports, as well as investigations by the European Anti-Fraud Office (OLAF) and reporting on progress twice a year to the Commission, the European Parliament and regularly to the Governing Board;
Amendment 198 #
Proposal for a regulation Article 17 – paragraph 2 – point v (v) ensure effective communication with the Union's institutions and report to the European Parliament and to the Council annually or on invitation;
Amendment 199 #
Proposal for a regulation Article 18 – paragraph 1 1. The Industrial and Scientific Advisory Board shall consist of no more than 16 members
Amendment 200 #
Proposal for a regulation Article 18 – paragraph 1 1. The Industrial and Scientific Advisory Board shall consist of no more than 16 members. The members shall be appointed by the Governing Board from among the representatives of the entities of the Cybersecurity Competence Community according to an open, transparent and non-discriminatory procedure. The Board shall include at least three members each from industry, academic community and civil society including consumer organisations.
Amendment 201 #
Proposal for a regulation Article 18 – paragraph 1 1. The Industrial and Scientific Advisory Board shall consist of no more than 16 members. The members shall be appointed by the Governing Board from among the representatives of the entities of the Cybersecurity Competence Community. The board shall include at least three members from civil society, including consumer organisations.
Amendment 202 #
Proposal for a regulation Article 18 – paragraph 1 1. The Industrial and Scientific Advisory Board shall consist of no more than 16 members. The members shall be appointed by the Governing Board from among the representatives of the entities of the Cybersecurity Competence Community and other relevant stakeholders.
Amendment 203 #
Proposal for a regulation Article 18 – paragraph 1 1. The Industrial and Scientific Advisory Board shall consist of no more than
Amendment 204 #
Proposal for a regulation Article 18 – paragraph 4 4. The term of office of members of the Industrial and Scientific Advisory Board shall be
Amendment 205 #
Proposal for a regulation Article 19 – paragraph 1 1. The Industrial and Scientific Advisory Board shall meet at least t
Amendment 206 #
Proposal for a regulation Article 19 – paragraph 2 Amendment 207 #
Proposal for a regulation Article 19 – paragraph 2 2. The Industrial and Scientific Advisory Board
Amendment 208 #
Proposal for a regulation Article 19 – paragraph 2 2. The Industrial and Scientific Advisory Board may advise the Governing Board on the establishment of working groups on specific issues relevant to the work of the Competence Centre, in particular when they fall within the tasks specified in Art. 20, where necessary under the overall coordination of one or more members of the Industrial and Scientific Advisory Board.
Amendment 209 #
Proposal for a regulation Article 19 – paragraph 2 a (new) 2 a. The Industrial and Scientific Advisory Board shall have the right to nominate the participants of the working groups established under Art 19(2) from among the members of the Cybersecurity Competence Community.
Amendment 210 #
Proposal for a regulation Article 19 – paragraph 4 4. The Industrial and Scientific Advisory Board shall adopt its rules of procedure, including the nature and the appropriate level of coordination with the cPPP, as well as the nomination of the representatives that shall represent the Advisory Board where relevant and the duration of their nomination.
Amendment 211 #
Proposal for a regulation Article 19 – paragraph 4 a (new) 4 a. The Industrial and Scientific Advisory Board shall foster a high level of cooperation with the contractual public- private partnership (cPPP) on cybersecurity.
Amendment 212 #
Proposal for a regulation Article 20 – paragraph 1 – point 1 a (new) (1 a) provide the Executive Director and the Governing Board with a draft medium-to long-term R&I agenda on technology and applications;
Amendment 213 #
Proposal for a regulation Article 20 – paragraph 1 – point 1 a (new) (1 a) advise the Governing Board on the establishment of working groups on specific issues relevant to the work of the Competence Centre;
Amendment 214 #
Proposal for a regulation Article 20 – paragraph 1 – point 3 a (new) (3 a) provide the Executive Director and the Governing Board with independent advice on deployment and procurement;
Amendment 215 #
Proposal for a regulation Article 20 – paragraph 1 a (new) 1 a. In order to guarantee the alignment and the efficacy of the Industrial and Scientific Advisory Board, its chair shall have the right, except for matters which do not fall within the tasks of the Industrial and Scientific Board as outlined in Art. 20, to attend meetings of the Governing Board as an observer and to take part in its deliberations, but shall have no voting rights.
Amendment 216 #
Proposal for a regulation Article 20 – paragraph 1 b (new) 1 b. Representatives of the Industrial and Scientific Advisory Board as per Art. 19(4) may also be invited to attend meetings with the same rights and limitations whenever issues falling within their tasks are discussed.
Amendment 217 #
Proposal for a regulation Article 21 – paragraph 1 – point b a (new) (b a) An amount from the European Defence Fund for actions and administrative costs related to defence.
Amendment 218 #
Proposal for a regulation Article 21 – paragraph 4 Amendment 219 #
Proposal for a regulation Article 21 – paragraph 4 4. The
Amendment 220 #
Proposal for a regulation Article 22 – paragraph 4 Amendment 221 #
Proposal for a regulation Article 22 – paragraph 4 4. The Commission may terminate, proportionally reduce or suspend the Union’s financial contribution to the Competence Centre if the participating Member States do not contribute, or contribute only partially
Amendment 222 #
Proposal for a regulation Article 23 – paragraph 4 – point a (a) the Union's and participating Member States' financial contributions to the administrative costs;
Amendment 223 #
Proposal for a regulation Article 23 – paragraph 8 a (new) 8 a. The Competence Centre shall cooperate closely with other Union institutions, agencies, and bodies in order to reduce administrative costs.
Amendment 224 #
Proposal for a regulation Article 23 – paragraph 8 a (new) 8 a. The Competence Centre shall cooperate closely with other Union institutions, agencies, in particular ENISA and other relevant bodies;
Amendment 225 #
Proposal for a regulation Article 35 – paragraph 2 2. The Competence Centre shall ensure that the public and any interested parties are
Amendment 226 #
Proposal for a regulation Article 35 – paragraph 2 a (new) 2 a. The Competence Centre shall provide the public and any interested parties with a list of the Cybersecurity Competence Community members and shall make public the declarations of interest made by them in accordance with Article 42.
Amendment 227 #
Proposal for a regulation Article 38 a (new) Article 38 a Legal Personality of the Competence Centre 1. The Competence Centre shall have legal personality. 2. In each Member State, the Competence Centre shall enjoy the most extensive legal capacity accorded to legal persons under the laws of that Member State. It may, in particular, acquire or dispose of movable and immovable property and may be a party to legal proceedings.
Amendment 228 #
Proposal for a regulation Article 42 – paragraph 1 The Competence Centre Governing Board shall adopt rules for the prevention
Amendment 229 #
Proposal for a regulation Article 42 – paragraph 1 The Competence Centre Governing Board shall adopt rules for the prevention and management of conflicts of interest in respect of its members, bodies and staff, including the Executive Director. Those rules shall contain the provisions intended to avoid a conflict of interest in respect of the representatives of the members serving in the Governing Board as well as the Scientific and Industrial Advisory Board in accordance with Regulation XXX [new Financial Regulation].
Amendment 230 #
Proposal for a regulation Article 42 – paragraph 1 a (new) Member States shall ensure the prevention, identification, and resolution of conflicts of interest in respect of the National Coordination Centres.
Amendment 231 #
Proposal for a regulation Article 42 – paragraph 1 b (new) The rules referred to in paragraph 1 shall comply with Regulation (EU, Euratom) 2018/1046.
Amendment 232 #
Proposal for a regulation Article 44 – title Seat and Support from the host Member State
Amendment 233 #
-1 The seat of the Competence Centre shall be located in [Brussels, Belgium].
Amendment 234 #
Proposal for a regulation Article 44 – paragraph –1 a (new) -1 a The host Member State shall provide the best possible conditions to ensure the proper functioning of the Competence Centre, including a single location, the accessibility of the location, the existence of adequate education facilities for the children of staff members, appropriate access to the labour market, social security and medical care for both children and partners.
Amendment 235 #
Proposal for a regulation Article 44 – paragraph 1 An administrative agreement
Amendment 38 #
Proposal for a regulation Recital 1 (1)
Amendment 39 #
Proposal for a regulation Recital 1 (1) Our daily lives and economies become increasingly dependent on digital technologies, citizens become more and more exposed to serious cyber incidents. Future security depends, among others, on enhancing technological and industrial ability to protect the Union against cyber threats
Amendment 40 #
Proposal for a regulation Recital 3 a (new) (3 a) Article 41(2) of the Treaty on European Union states that the Union budget is not to be used for expenditure arising from operations having military or defence implications. Therefore the Cybersecurity Industrial, Technology, and Research Centre and its actions should be provided purely for civilian purposes.
Amendment 41 #
Proposal for a regulation Recital 4 (4) The Heads of State and Government at the Tallinn Digital Summit, in September 2017, called for the Union to become "a global leader in cyber-security by 2025, in order to ensure trust, confidence and protection of our citizens, consumers and enterprises online and to enable a free, safer and law-governed internet."
Amendment 42 #
Proposal for a regulation Recital 4 a (new) (4 a) The Competence Centre and its actions should take into account the implementation of Regulation (EU) 2019/XXX [recast of Regulation (EC) No 428/2009 as proposed by COM(2016)616].22a _________________ 22a Regulation (EU) 2019/... of the European Parliament and of the Council of ... setting up a Union regime for the control of exports, transfer, brokering, technical assistance and transit of dual- use items (OJ L ..., ..., p. ...).
Amendment 43 #
Proposal for a regulation Recital 5 (5) Substantial disruption of network and information systems can affect individual Member States and the Union as a whole. The security of network and information systems is therefore essential
Amendment 44 #
Proposal for a regulation Recital 5 a (new) (5 a) The resilience of ICT infrastructure like the Internet is critical to society, industry and research throughout the Union. That infrastructure relies heavily on components developed as Free and Open Source Software. Society, industry, businesses with diverse business models, as well as research and development build on them to create products and provide services.
Amendment 45 #
Proposal for a regulation Recital 6 a (new) (6 a) Cybersecurity experts often start their education in non-formal contexts, for example Free and Open Source Software projects and civic tech projects. Civic tech projects make use of open standards, Open Data, and Free and Open Source Software to develop products and services in the interest of society and the public good. They can be of non- commercial or pre-commercial nature and can as such be a precursor for start- ups, or academic and research projects.
Amendment 46 #
Proposal for a regulation Recital 8 (8) The Competence Centre should be the Union's main instrument to pool investment in cybersecurity research, technology and industrial development and to implement relevant projects and initiatives together with the Cybersecurity Competence Network. It should deliver cybersecurity-related financial support from the Horizon Europe and Digital Europe programmes, and should be open to the European Defence Fund, European Regional Development Fund and other programmes where appropriate. This approach should contribute to creating synergies and coordinating financial support related to EU initiatives in the field of civil R&D, cybersecurity research, innovation, technology and industrial development and avoiding duplication.
Amendment 47 #
Proposal for a regulation Recital 8 (8) The Competence Centre should be the Union's main instrument to pool investment in cybersecurity research,
Amendment 48 #
Proposal for a regulation Recital 8 a (new) (8 a) The Competence Centre should contribute to the security of ICT technology that is challenged by a constant evolution of threats and by the advancement of the technology itself. That is why security cannot simply be established, but should be understood as a process, incorporating the principle of “security by design” in the development of ICT technology. “Security by design” as established in Commission Joint Communication of 13 September 2017 entitled “Resilience, Deterrence and Defence: Building strong cybersecurity for the EU” includes state-of-the-art methods to increase security, at all stages of the lifecycle of a product or service, starting with secure design and development methods, reducing the attack surface, and incorporating adequate security testing and security audits. For the duration of operation and maintenance, producers or providers need to make available updates remedying new vulnerabilities or threats without delay, for the estimated lifetime of a product and beyond. This can also be achieved by enabling third parties to create and provide such updates. The provision of updates is especially necessary in the case of commonly used infrastructures, products and processes.
Amendment 49 #
Proposal for a regulation Recital 8 a (new) (8 a) In view of the extent of the cybersecurity challenge and in view of the investments made in cybersecurity capacities and capabilities in other parts of the world, the Union and its Member States should step up their financial support to research, development and deployment in this area. In order to realise economies of scale and achieve a comparable level of protection across the union, the Member States should put their efforts into a European framework by investing through the Competence Centre mechanism where relevant.
Amendment 50 #
Proposal for a regulation Recital 8 b (new) (8 b) “Security by design” as a principle should also influence formal as well as non-formal standardisation processes, where a common practice in non-formal standardisation is the creation of reference implementations, published under free and open licences. The secure design of, in particular, reference implementations is crucial for the overall reliability and resilience of commonly used network and information system infrastructure like the internet.
Amendment 51 #
Proposal for a regulation Recital 9 (9) Taking into account that the objectives of this initiative can be best achieved if all Member States or as many Member States as possible
Amendment 52 #
Proposal for a regulation Recital 12 (12) National Coordination Centres should be selected by Member States. In addition to the necessary administrative capacity, Centres should either possess or have direct access to cybersecurity technological expertise in cybersecurity, notably in domains such as cryptography, ICT security services, intrusion detection, system security, network security, software and application security, or human and societal aspects of security and privacy. They should also have the capacity to effectively engage and coordinate with the industry, the public sector, including authorities designated pursuant to the Directive (EU) 2016/1148 of the European Parliament and of the Council23 , and the research community. In addition, awareness shall be raised amongst the general public about cybersecurity through appropriate communicative means. _________________ 23 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ L 194, 19.7.2016, p. 1).
Amendment 53 #
Proposal for a regulation Recital 12 (12) National Coordination Centres should be selected by Member States. In addition to the necessary administrative capacity, Centres should either possess or have direct access to cybersecurity technological expertise in cybersecurity, notably in domains such as cryptography, ICT security services, intrusion detection, system security, network security, software and application security, or human, ethical and societal aspects of security and privacy. They should also have the capacity to effectively engage and coordinate with the industry, the public sector, including authorities designated pursuant to the Directive (EU) 2016/1148 of the European Parliament and of the Council23 , and the research community. _________________ 23 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ L 194, 19.7.2016, p. 1).
Amendment 54 #
Proposal for a regulation Recital 14 (14) Emerging technologies such as artificial intelligence, Internet of Things, high-performance computing (HPC) and quantum computing,
Amendment 55 #
Proposal for a regulation Recital 15 (15) The Competence Centre should have several key functions. First, the Competence Centre should facilitate and help coordinate the work of the European Cybersecurity Competence Network and nurture the Cybersecurity Competence Community. The Centre should drive the cybersecurity technological agenda and facilitate access to the expertise gathered in the Network and the Cybersecurity Competence Community. Secondly, it should implement relevant parts of Digital Europe and Horizon Europe programmes as well as of the European Defence Fund, by allocating grants, typically following a competitive call for proposals. Thirdly, the Competence Centre should facilitate joint investment by the Union, Member States and/or industry.
Amendment 56 #
Proposal for a regulation Recital 17 (17) In order to respond to the needs of both demand and supply side industries, the Competence Centre's task to provide cybersecurity knowledge and technical assistance to industries should refer to both ICT products, processes and services and all other industrial and technological products and solutions in which cybersecurity is to be embedded.
Amendment 57 #
Proposal for a regulation Recital 18 (18)
Amendment 58 #
Proposal for a regulation Recital 18 a (new) (18 a) Where an applicant for funding under Horizon Europe excludes non-civil applications in development, research, education or other activities, this should not lead to a disadvantage.
Amendment 59 #
Proposal for a regulation Recital 20 a (new) (20 a) Given that with ENISA there is already another dedicated EU cybersecurity agency, the Competence Centre Governing Board should ensure that ENISA is consulted on all the Centre's relevant activities, to create synergies;
Amendment 60 #
Proposal for a regulation Recital 21 (21) In view of their respective expertise in cybersecurity, the Joint Research Centre of the Commission as well as the European Network and Information Security Agency (ENISA) should play an active part in the Cybersecurity Competence Community and the Industrial and Scientific Advisory Board, in order to ensure synergies.
Amendment 61 #
Proposal for a regulation Recital 22 (22) Where they receive a financial contribution from the general budget of the Union, the National Coordination Centres and the entities which are part of the Cybersecurity Competence Community should publicise the fact that the respective activities are undertaken in the context of the present initiative and are of civilian nature.
Amendment 62 #
Proposal for a regulation Recital 24 (24) The Governing Board of the Competence Centre, composed of the Member States and the Commission, should define the general direction of the Competence Centre’s operations, and ensure that it carries out its tasks in accordance with this Regulation. The Governing Board should be entrusted with the powers necessary to establish the budget, verify its execution, adopt the appropriate financial rules, establish transparent working procedures for decision making by the Competence Centre, adopt the Competence Centre’s work plan and multiannual strategic plan reflecting the priorities in achieving the objectives and tasks of the Competence Centre, adopt its rules of procedure, appoint the Executive Director and decide on the extension of the Executive Director’s term of office and on the termination thereof. ENISA should be a permanent observer in the Governing Board.
Amendment 63 #
Proposal for a regulation Recital 25 a (new) (25 a) The commission should have sufficient weight in the decisions of the Governing Board, in line with its responsibility to ensure proper management of the Union budget as laid down in the Treaties.
Amendment 64 #
Proposal for a regulation Recital 27 (27) The Competence Centre should have an Industrial and Scientific Advisory Board as an advisory body to ensure regular dialogue with the private sector, consumers’ organisations and other relevant stakeholders. A minimum number of seats shall be allocated to each category of these relevant stakeholders which should include but not be limited to, industry professionals dealing with areas of cybersecurity, academics and research professionals, and relevant civil society bodies. The Industrial and Scientific Advisory Board should focus on issues relevant to stakeholders and bring them to the attention of the Competence Centre's Governing Board. The composition of the Industrial and Scientific Advisory Board and the tasks assigned to it, such as being consulted regarding the work plan, should ensure sufficient representation of stakeholders in the work of the Competence Centre.
Amendment 65 #
Proposal for a regulation Recital 27 (27) The Competence Centre should have an Industrial and Scientific Advisory Board as an advisory body to ensure regular dialogue with the private sector, consumers’ organisations and other relevant stakeholders. The Industrial and Scientific Advisory Board should focus on issues relevant to stakeholders and bring them to the attention of the Competence Centre's Governing Board. The composition of the Industrial and Scientific Advisory Board and the tasks assigned to it, such as being consulted regarding the work plan, should ensure sufficient representation of stakeholders in the work of the Competence Centre. A minimum number of seats should be allocated to each category of industry stakeholders, with particular attention paid to the representation of SMEs.
Amendment 66 #
Proposal for a regulation Recital 29 (29) The Competence Centre should have in place rules regarding the prevention
Amendment 67 #
Proposal for a regulation Recital 31 (31) The Competence Centre should operate in an open and transparent way
Amendment 68 #
Proposal for a regulation Recital 31 a (new) (31 a) It is advisable that both the Competence Centre and the National Coordination Centres monitor and follow the international standards as much as possible, in order to encourage development towards global best practices;
Amendment 69 #
Proposal for a regulation Recital 31 a (new) (31 a) The European Cybersecurity Community can benefit from representing the diversity of society at large, and should achieve a balanced representation of genders, ethnic diversity, and disabled persons.
Amendment 70 #
Proposal for a regulation Article 1 – paragraph 2 2. The Competence Centre shall contribute to the implementation of the cybersecurity part of the Digital Europe Programme established by Regulation No XXX and in particular actions related to Article 6 of Regulation (EU) No XXX [Digital Europe Programme] thereof
Amendment 71 #
Proposal for a regulation Article 1 – paragraph 2 a (new) 2 a. The Competence Centre shall contribute to the overall resilience in the Union towards cybersecurity threats. This can be achieved by raising the awareness for cybersecurity threats, by developing competences, capacities, capabilities throughout the Union, thoroughly taking into account the interplay of hardware and software infrastructure, networks, products and processes, and the societal and ethical implications and concerns.
Amendment 72 #
Proposal for a regulation Article 1 – paragraph 3 Amendment 73 #
Proposal for a regulation Article 1 – paragraph 4 Amendment 74 #
Proposal for a regulation Article 2 – paragraph 1 – point 1 (1) 'cybersecurity' means the process of the protection of network and information systems, their users, and other persons against
Amendment 75 #
Proposal for a regulation Article 2 – paragraph 1 – point 1 (1) 'cybersecurity' means the protection of networks, infrastructure and information systems, their users, and other persons against cyber threats;
Amendment 76 #
Proposal for a regulation Article 2 – paragraph 1 – point 2 (2) '
Amendment 77 #
Proposal for a regulation Article 2 – paragraph 1 – point 3 (3) 'public authority' means any government or other public administration, including public advisory bodies, at national, regional or local level or any natural or legal person performing public administrative functions under national and Union law, including specific duties;
Amendment 78 #
Proposal for a regulation Article 2 – paragraph 1 – point 3 (3) 'public authority' means any government or other public administration, including public advisory bodies, at national, regional or local level or any natural or legal person performing public administrative functions under Union and national law, including specific duties;
Amendment 79 #
(4 a) ‘industry’ means the industry providing products, processes, and services addressing cybersecurity demands and requirements, including SMEs, microenterprises, and individual experts.
Amendment 80 #
Proposal for a regulation Article 2 – paragraph 1 – point 4 b (new) (4 b) ‘stakeholders’ mean the industry, public entities and other entities dealing with operational and technical matters in the area of cybersecurity; civil society, in particular consumer associations, and the Free and Open Source Software community; the academic and research community;
Amendment 81 #
Proposal for a regulation Article 2 – paragraph 1 – point 4 c (new) (4 c) ‘civic tech projects’ means non- commercial and pre-commercial projects making use of open standards, Open Data, and Free and Open Source Software, in the interest of society and the public good, in particular where they do not have access to sufficient, steady financial support;
Amendment 82 #
Proposal for a regulation Article 3 – paragraph 1 – point a (a) retain and develop the cybersecurity technological and industrial capacities necessary to secure its Digital Single Market, increasing the trust of European consumers and citizens;
Amendment 83 #
Proposal for a regulation Article 3 – paragraph 1 – point a (a) retain and develop the cybersecurity technological
Amendment 84 #
Proposal for a regulation Article 3 – paragraph 1 – point a (a) retain and develop the cybersecurity technological and industrial capacities necessary to secure, rather than fragment, its Digital Single Market;
Amendment 85 #
Proposal for a regulation Article 3 – paragraph 1 – point a (a) retain and develop the cybersecurity technological and industrial capacities necessary to secure and develop its Digital Single Market;
Amendment 86 #
Proposal for a regulation Article 3 – paragraph 1 – point a (a)
Amendment 87 #
Proposal for a regulation Article 3 – paragraph 1 – point a a (new) (a a) increase the resilience and reliability of the civilian infrastructure of network and information systems, the Internet and commonly used hardware and software in the Union;
Amendment 88 #
Proposal for a regulation Article 3 – paragraph 1 – point a a (new) (a a) Support, facilitate and accelerate standardisation and certification processes;
Amendment 89 #
Proposal for a regulation Article 3 – paragraph 1 – point a a (new) (a a) Increase European digital autonomy in respect to cybersecurity
Amendment 90 #
Proposal for a regulation Article 3 – paragraph 1 – point b (b) increase the competitiveness of the Union's cybersecurity industry and turn cybersecurity into competitive advantage of other Union industries, giving it a firm foundation and making it a key player in the fight against cyber-attacks.
Amendment 91 #
Proposal for a regulation Article 3 – paragraph 1 – point b (b) increase the competitiveness of the Union's civilian cybersecurity industry and turn cybersecurity into a competitive advantage of other Union industries.
Amendment 92 #
Proposal for a regulation Article 3 – paragraph 1 – point b a (new) (b a) raise the awareness for cybersecurity threats, and related societal and ethical implications and concerns in the Union;
Amendment 93 #
Proposal for a regulation Article 3 – paragraph 1 – point b a (new) (b a) increase and secure the European digital autonomy in cybersecurity.
Amendment 94 #
Proposal for a regulation Article 4 – paragraph 1 – point 1 1.
Amendment 95 #
Proposal for a regulation Article 4 – paragraph 1 – point 2 2. contribute to the implementation of the cybersecurity part of the Digital Europe Programme established by Regulation No XXX26 and in particular actions related to Article 6 of Regulation (EU) No XXX [Digital Europe Programme]
Amendment 96 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – introductory part 3. enhance cybersecurity resilience, capabilities, knowledge and infrastructures at the service of society, industries, the public sector and research communities, by carrying out the following tasks, having regard to the state-of-the-art cybersecurity industrial and research infrastructures and related services:
Amendment 97 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – introductory part 3. enhance cybersecurity capacities and capabilities, knowledge and infrastructures at the service of industries, the public sector and research communities, and raise awareness of how effective cybersecurity can reduce societal and ethical threats to the Union, by carrying out the following tasks:
Amendment 98 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – introductory part 3. enhance cybersecurity capabilities, knowledge and infrastructures at the service of industries, services, the public sector and research communities, by carrying out the following tasks:
Amendment 99 #
Proposal for a regulation Article 4 – paragraph 1 – point 3 – point a (a)
source: 632.037
|
History
(these mark the time of scraping, not the official date of the change)
committees/1 |
|
committees/1 |
|
committees/2 |
Old
New
|
committees/3 |
Old
New
|
docs/0 |
|
docs/7 |
|
docs/8 |
|
docs/8 |
|
docs/8/docs/0/url |
/oeil/spdoc.do?i=32272&j=0&l=en
|
docs/10 |
|
docs/13 |
|
docs/14 |
|
docs/14 |
|
docs/15 |
|
docs/15 |
|
docs/16 |
|
events/0 |
|
events/10 |
|
events/11 |
|
events/11/date |
Old
2021-01-14T00:00:00New
2021-01-13T00:00:00 |
events/12 |
|
events/15 |
|
links/Research document/url |
Old
http://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI(2019)635518New
https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2019)635518 |
docs/13 |
|
events/14/summary |
|
events/17/docs |
|
procedure/final/title |
Old
OJ L 202 08.06.2021, p. 0001New
Regulation 2021/887 |
procedure/final/url |
Old
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2021:202:TOCNew
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=EN&numdoc=32021R0887 |
events/17 |
|
procedure/final |
|
procedure/stage_reached |
Old
Procedure completed, awaiting publication in Official JournalNew
Procedure completed |
docs/13 |
|
events/14/summary |
|
procedure/stage_reached |
Old
Awaiting Parliament 2nd readingNew
Procedure completed, awaiting publication in Official Journal |
events/3/docs |
|
events/13/docs |
|
docs/0 |
|
docs/10 |
|
docs/11 |
|
events/0 |
|
events/12 |
|
events/14 |
|
events/14/summary |
|
events/15 |
|
events/17 |
|
events/19 |
|
docs/11 |
|
events/17 |
|
events/14 |
|
forecasts |
|
events/15 |
|
events/16 |
|
forecasts/0 |
|
docs/10 |
|
events/14 |
|
forecasts/1 |
|
docs/9 |
|
docs/10 |
|
forecasts |
|
docs/9 |
|
events/12/summary |
|
events/1/body |
EP
|
events/2/body |
EP
|
events/3/body |
EP
|
events/6/body |
EP
|
events/8/body |
EP
|
events/11/docs/0/url |
http://www.europarl.europa.eu/RegData/commissions/itre/lpag/2021/01-18/ITRE_LA(2021)662120_EN.pdf
|
events/13 |
|
docs/2/docs/0/url |
https://www.europarl.europa.eu/doceo/document/ITRE-PR-631940_EN.html
|
docs/4/docs/0/url |
https://www.europarl.europa.eu/doceo/document/ITRE-AM-632973_EN.html
|
docs/6/docs/0/url |
https://www.europarl.europa.eu/doceo/document/IMCO-AD-630409_EN.html
|
docs/8/docs/0/url |
https://www.europarl.europa.eu/doceo/document/ITRE-PR-689669_EN.html
|
docs/9 |
|
events/12 |
|
procedure/dossier_of_the_committee/0 |
ITRE/9/01206
|
procedure/dossier_of_the_committee/0 |
ITRE/8/14593
|
procedure/stage_reached |
Old
Awaiting Council's 1st reading positionNew
Awaiting Parliament 2nd reading |
docs/2/docs/0/url |
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE631.940
|
docs/4/docs/0/url |
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE632.973
|
docs/6/docs/0/url |
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE630.409&secondRef=02
|
docs/8/docs/0/url |
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE689.669
|
events/1 |
|
events/1 |
|
events/2 |
|
events/2 |
|
events/3 |
|
events/3 |
|
events/4/docs |
|
events/6 |
|
events/6 |
|
events/8 |
|
events/8 |
|
procedure/title |
Old
European Cybersecurity Industrial, Technology and Research Competence Centre and Network of National Coordination CentresNew
European Cybersecurity Competence Centre |
docs/8/docs/0/url |
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE689.669
|
docs/8 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/1 |
|
committees/1 |
|
committees/3 |
|
committees/3 |
|
committees/0/shadows/4 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/1 |
|
committees/1 |
|
committees/3 |
|
committees/3 |
|
docs/8 |
|
events/11 |
|
procedure/Legislative priorities |
|
committees/0 |
|
committees/0 |
|
docs/8 |
|
procedure/Modified legal basis |
Rules of Procedure EP 159
|
procedure/Other legal basis |
Rules of Procedure EP 159
|
procedure/stage_reached |
Old
Awaiting Council 1st reading position / budgetary conciliation convocationNew
Awaiting Council's 1st reading position |
docs/3/docs/0/url |
https://dmsearch.eesc.europa.eu/search/public?k=(documenttype:AC)(documentnumber:5208)(documentyear:2018)(documentlanguage:EN)
|
docs/5/docs/0/url |
https://dmsearch.eesc.europa.eu/search/public?k=(documenttype:AC)(documentnumber:4805)(documentyear:2018)(documentlanguage:EN)
|
docs/6/docs/0/url |
Old
http://httsp://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE630.409&secondRef=02New
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE630.409&secondRef=02 |
docs/0/docs/0 |
|
docs/2/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE631.940New
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE631.940 |
docs/4/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE632.973New
https://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE632.973 |
docs/6/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE630.409&secondRef=02New
http://httsp://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE630.409&secondRef=02 |
events/3/docs/0/url |
Old
http://www.europarl.europa.eu/doceo/document/A-8-2019-0084_EN.htmlNew
https://www.europarl.europa.eu/doceo/document/A-8-2019-0084_EN.html |
events/4/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20190311&type=CRENew
https://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20190311&type=CRE |
events/6/docs/0/url |
Old
http://www.europarl.europa.eu/doceo/document/TA-8-2019-0189_EN.htmlNew
https://www.europarl.europa.eu/doceo/document/TA-8-2019-0189_EN.html |
events/8/docs/0/url |
Old
http://www.europarl.europa.eu/doceo/document/TA-8-2019-0419_EN.htmlNew
https://www.europarl.europa.eu/doceo/document/TA-8-2019-0419_EN.html |
events/10/body |
EP
|
events/10 |
|
docs/7/body |
EC
|
events/3/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2019-0084&language=ENNew
http://www.europarl.europa.eu/doceo/document/A-8-2019-0084_EN.html |
events/6/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0189New
http://www.europarl.europa.eu/doceo/document/TA-8-2019-0189_EN.html |
events/8/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0419New
http://www.europarl.europa.eu/doceo/document/TA-8-2019-0419_EN.html |
committees/0 |
|
committees/0 |
|
docs/7 |
|
events/5 |
|
events/8 |
|
committees/0/shadows/0 |
|
committees/0/shadows/2 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/0 |
|
committees/1 |
|
committees/1 |
|
committees/2 |
|
committees/2 |
|
committees/2/type |
Old
Committee OpinionNew
Former Committee Opinion |
committees/3 |
|
committees/3/type |
Old
Committee OpinionNew
Former Committee Opinion |
docs/7 |
|
committees/0 |
|
committees/0 |
|
committees/2 |
|
committees/2 |
|
docs/7 |
|
activities |
|
commission |
|
committees/0 |
|
committees/0 |
|
committees/1 |
|
committees/1 |
|
committees/2 |
|
committees/2 |
|
docs |
|
events |
|
links/Research document |
|
other |
|
otherinst |
|
procedure/Mandatory consultation of other institutions |
European Economic and Social Committee European Committee of the Regions
|
procedure/Modified legal basis |
Rules of Procedure EP 159
|
procedure/dossier_of_the_committee |
Old
ITRE/8/14593New
|
procedure/legal_basis/0 |
Rules of Procedure EP 59-p4
|
procedure/other_consulted_institutions |
European Economic and Social Committee European Committee of the Regions
|
procedure/stage_reached |
Old
Awaiting committee decisionNew
Awaiting Council 1st reading position / budgetary conciliation convocation |
procedure/subject |
Old
New
|
activities/1/committees/2/shadows/5 |
|
committees/2/shadows/5 |
|
activities/1/committees/2/shadows/2 |
|
activities/1/committees/2/shadows/4 |
|
committees/2/shadows/2 |
|
committees/2/shadows/4 |
|
activities/1/committees/2/date |
2018-11-07T00:00:00
|
activities/1/committees/2/rapporteur |
|
committees/2/date |
2018-11-07T00:00:00
|
committees/2/rapporteur |
|
activities/1/committees/2/shadows |
|
committees/2/shadows |
|
activities/0/docs/0/text |
|
activities/1/committees/1/date |
2018-09-24T00:00:00
|
activities/1/committees/1/rapporteur |
|
committees/1/date |
2018-09-24T00:00:00
|
committees/1/rapporteur |
|
activities/1 |
|
procedure/dossier_of_the_committee |
ITRE/8/14593
|
procedure/stage_reached |
Old
Preparatory phase in ParliamentNew
Awaiting committee decision |
activities/0/docs/0/celexid |
CELEX:52018PC0630:EN
|
procedure/Mandatory consultation of other institutions |
European Economic and Social Committee European Committee of the Regions
|
activities/0/commission/0 |
|
other/0 |
|
activities |
|
committees |
|
links |
|
other |
|
procedure |
|