Feeds

EC plans stronger data protection and copyright laws

Digital Agenda pushes standards

High performance access to file storage

Updated The European Commission will strengthen legal protections for personal data, reform copyright law and ensure that device and software makers embrace standards, it said when outlining its new digital policies.

The Commission will also consider forcing companies to tell users and customers when their systems have been breached and personal data has been lost, stolen or exposed.

The Commission has published its Digital Agenda, the series of aims which will guide its legislating and policy formation activities in the next 10 years.

"We must put the interests of Europe's citizens and businesses at the forefront of the digital revolution and so maximise the potential of Information and Communications Technologies (ICTs) to advance job creation, sustainability and social inclusion", said Commission vice president for the digital agenda Neelie Kroes. "The ambitious strategy set out today shows clearly where we need to focus our efforts in the years to come. To fully realise the potential of Europe's digital future we need the full commitment of Member States, the ICT sector and other vital economic players."

The Commission's priorities include changing copyright law to make cross-border trade in digital goods and services more widespread, it said.

"Citizens should be able to enjoy commercial services and cultural entertainment across borders. But EU online markets are still separated by barriers which hamper access to pan-European telecoms services, digital services and content," said a Commission statement on the Agenda. "Today there are four times as many music downloads in the US as in the EU because of the lack of legal offers and fragmented markets. The Commission intends to open up access to legal online content by simplifying copyright clearance, management and cross-border licensing. Other actions include making electronic payments and invoicing easier and simplifying online dispute resolution."

The Commission's plan also includes a proposal to strengthen data protection law to cultivate trust in online services.

"Europeans will not embrace technology they do not trust – they need to feel confident and safe online," said the Commission statement. "A better coordinated European response to cyber-attacks and reinforced rules on personal data protection are part of the solution. Actions could also potentially oblige website operators to inform their users about security breaches affecting their personal data."

The proposals include plans to investigate whether more companies should be subject to a security breach notification law. New telecoms legislation passed in the EU last year ordered telecoms providers to tell customers if the security of their personal data had been compromised. The Commission could extend this to other kinds of companies.

"As part of the modernisation of the EU personal data protection regulatory framework to make it more coherent and legally certain, [we will] explore the extension of security breach notification provisions," said the Digital Agenda.

The Agenda identifies seven areas for action. These are: creating a digital Single Market, greater interoperability, boosting internet trust and security, much faster internet access, more investment in research and development, enhancing digital literacy skills and inclusion, and applying information and communications technologies to address challenges facing society like climate change and the ageing population.

The Digital Agenda itself is made up of 100 actions that the Commission will take, 31 of which involve changing EU law, the Commission said.

It said it will "improve" standard-setting so that technologies are more likely to work together. Standards are set by industry on a voluntary basis to help devices work together and to lower manufacturing and design costs by the use of standardised components or technologies.

Open standards lobbying body the Free Software Foundation said, though, that the Commission's planned action on standardisation was inadequate.

"The [Commission] needs to adopt a strict definition of open standards, along the lines of the first European Interoperability Framework," said Karsten Gerloff, president of the Free Software Foundation Europe. "The Commission needs to put open standards at the heart of its strategy for the public sector's IT systems. Only with the competition that open standards enable will we tap the full potential of free software for European innovation."

The Agenda commits the Commission to an increase in funding for research in information and communication technologies. It said it wanted a far greater penetration of superfast broadband internet networks, but did not pledge money to build the networks, only saying that it would "explore how to attract investment in broadband through credit enhancement mechanisms and will give guidance on how to encourage investments in fibre-based networks".

"The digital world affects us all – there is no choice about that," said Kroes. "But we can take the decision to use these changes to boost European growth, jobs and the well-being of our citizens. That is the decision the Commission is taking today, and we call on all those with a stake in this digital future for Europe to join us in moving forward."

Editor's note, 21/05/2010: Our original article suggested that Karsten Gerloff was part of the Free Software Foundation (FSF). He isn't: he's with the Free Software Foundation Europe, which is an independent sister organisation of the FSF in the US.

Also, our original intro said that the European Commission would ensure that device and software makers embrace open standards. That was inaccurate. After our story was published, Karsten pointed out:

During the negotiations within the EC about the Digital Agenda, Open Standards were at the center of a heated battle between different Directorates General and interest groups. In the published result, you will note that the agenda does not contain the term 'open standard' -- it only talks about 'standards'". This is one of several aspects where the published communication falls behind earlier drafts seen by FSFE, and sadly matches the way in which the European Interoperability Framework is being watered down by the Commission, to the dismay of a number of Member States (see a comparison of various draft EIF revisions).

Consequently, we've changed the reference in our intro to 'standards' instead of 'open standards'.

We apologise for the inaccuracies in our original report.

See: The Digital Agenda (42pg/316kb pdf)

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.