Feeds

EC plans stronger data protection and copyright laws

Digital Agenda pushes standards

Beginner's guide to SSL certificates

Updated The European Commission will strengthen legal protections for personal data, reform copyright law and ensure that device and software makers embrace standards, it said when outlining its new digital policies.

The Commission will also consider forcing companies to tell users and customers when their systems have been breached and personal data has been lost, stolen or exposed.

The Commission has published its Digital Agenda, the series of aims which will guide its legislating and policy formation activities in the next 10 years.

"We must put the interests of Europe's citizens and businesses at the forefront of the digital revolution and so maximise the potential of Information and Communications Technologies (ICTs) to advance job creation, sustainability and social inclusion", said Commission vice president for the digital agenda Neelie Kroes. "The ambitious strategy set out today shows clearly where we need to focus our efforts in the years to come. To fully realise the potential of Europe's digital future we need the full commitment of Member States, the ICT sector and other vital economic players."

The Commission's priorities include changing copyright law to make cross-border trade in digital goods and services more widespread, it said.

"Citizens should be able to enjoy commercial services and cultural entertainment across borders. But EU online markets are still separated by barriers which hamper access to pan-European telecoms services, digital services and content," said a Commission statement on the Agenda. "Today there are four times as many music downloads in the US as in the EU because of the lack of legal offers and fragmented markets. The Commission intends to open up access to legal online content by simplifying copyright clearance, management and cross-border licensing. Other actions include making electronic payments and invoicing easier and simplifying online dispute resolution."

The Commission's plan also includes a proposal to strengthen data protection law to cultivate trust in online services.

"Europeans will not embrace technology they do not trust – they need to feel confident and safe online," said the Commission statement. "A better coordinated European response to cyber-attacks and reinforced rules on personal data protection are part of the solution. Actions could also potentially oblige website operators to inform their users about security breaches affecting their personal data."

The proposals include plans to investigate whether more companies should be subject to a security breach notification law. New telecoms legislation passed in the EU last year ordered telecoms providers to tell customers if the security of their personal data had been compromised. The Commission could extend this to other kinds of companies.

"As part of the modernisation of the EU personal data protection regulatory framework to make it more coherent and legally certain, [we will] explore the extension of security breach notification provisions," said the Digital Agenda.

The Agenda identifies seven areas for action. These are: creating a digital Single Market, greater interoperability, boosting internet trust and security, much faster internet access, more investment in research and development, enhancing digital literacy skills and inclusion, and applying information and communications technologies to address challenges facing society like climate change and the ageing population.

The Digital Agenda itself is made up of 100 actions that the Commission will take, 31 of which involve changing EU law, the Commission said.

It said it will "improve" standard-setting so that technologies are more likely to work together. Standards are set by industry on a voluntary basis to help devices work together and to lower manufacturing and design costs by the use of standardised components or technologies.

Open standards lobbying body the Free Software Foundation said, though, that the Commission's planned action on standardisation was inadequate.

"The [Commission] needs to adopt a strict definition of open standards, along the lines of the first European Interoperability Framework," said Karsten Gerloff, president of the Free Software Foundation Europe. "The Commission needs to put open standards at the heart of its strategy for the public sector's IT systems. Only with the competition that open standards enable will we tap the full potential of free software for European innovation."

The Agenda commits the Commission to an increase in funding for research in information and communication technologies. It said it wanted a far greater penetration of superfast broadband internet networks, but did not pledge money to build the networks, only saying that it would "explore how to attract investment in broadband through credit enhancement mechanisms and will give guidance on how to encourage investments in fibre-based networks".

"The digital world affects us all – there is no choice about that," said Kroes. "But we can take the decision to use these changes to boost European growth, jobs and the well-being of our citizens. That is the decision the Commission is taking today, and we call on all those with a stake in this digital future for Europe to join us in moving forward."

Editor's note, 21/05/2010: Our original article suggested that Karsten Gerloff was part of the Free Software Foundation (FSF). He isn't: he's with the Free Software Foundation Europe, which is an independent sister organisation of the FSF in the US.

Also, our original intro said that the European Commission would ensure that device and software makers embrace open standards. That was inaccurate. After our story was published, Karsten pointed out:

During the negotiations within the EC about the Digital Agenda, Open Standards were at the center of a heated battle between different Directorates General and interest groups. In the published result, you will note that the agenda does not contain the term 'open standard' -- it only talks about 'standards'". This is one of several aspects where the published communication falls behind earlier drafts seen by FSFE, and sadly matches the way in which the European Interoperability Framework is being watered down by the Commission, to the dismay of a number of Member States (see a comparison of various draft EIF revisions).

Consequently, we've changed the reference in our intro to 'standards' instead of 'open standards'.

We apologise for the inaccuracies in our original report.

See: The Digital Agenda (42pg/316kb pdf)

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.