 | |
| |
TechnologyDaily Mobile
Europe Tackles Range Of Internet Issues
by William New
The European Union is showing mixed progress toward its goal of becoming the world's most advanced information society. As several key deadlines toward that goal approach, EU officials are pushing to finish work, sometimes against the disparate views and legal frameworks of the union's 15 individual nations.
EU officials are studying cyber security, implementation of a copyright directive and review of the union's privacy directive, among other issues.
The Security Task At Hand
Earlier this year, EU leaders designated that a cyber-security task force be created under the eEurope 2005 action plan. Officials are working vigorously on that objective this fall and expect to have a proposal by year's end, sources said.
"We will implement and act on this shortly," said Per Haugaard, spokesman for EU Information Society Commissioner Erkki Liikanen, who drew the first draft of the task force. The European Commission, the EU's regulatory body, may submit its proposal within weeks to representatives and parliament members of EU states for their approval.
Details being negotiated include the body's organization, role and legal status, Haugaard said. But the initiative is likely to result in the creation of a central body that could respond better and disseminate information about viruses or other cyber attacks, he said.
The commission's task-force unit has been working under the director general for information society, Fabio Colasanti. It may be transitioned into another unit, possibly called the Network and Information Society Unit, which may have a quasi-independent operational status while receiving its budget from the union, sources said.
The body may consist of national-level experts in the service of the commission but funded by the EU governments, along with permanent commission staff, a private-sector source said.
EU officials are considering similar recent efforts to develop cyber-security principles by the United States and the Organization for Economic Cooperation and Development. "It's good news for the United States," Haugaard said. "It will enable the EU to respond better [to threats or attacks] because there will be one entry/exit point."
Cyber Security Vs. Cyber Crime
But the European situation is different because each country already has its own cyber-security mechanism in place. All have the same purpose and use similar technological approaches but need coordination, sources said.
The Dependability Development Support Initiative, an EU-funded public-private project begun in June 2001, also has addressed the issue. The group, which held its final conference Oct. 10, emphasized partnerships, research and development, and warning and information sharing. Howard Schmidt, vice chairman of the President's Critical Infrastructure Protection Board, spoke at last week's conference.
The cyber-security task force will not directly affect implementation of the cyber-crime treaty completed last year at the Council of Europe (COE), a larger, distinct body that includes the United States as an observer and focuses more on law enforcement than the EU. "This is all procedure and institution-building," Haugaard said. "The body of legal text is still unchanged."
Jeffrey Pryce, an international lawyer at Steptoe and Johnson in Washington, said the body is looking to emphasize infrastructure and information security, not law enforcement. The expectation is that the national level experts will come from the telecommunications and information technology areas of government, he said. The COE cyber-crime treaty, by comparison, was drafted mainly by law enforcement officials and does not create any institutions, he said.
Europe has prioritized cyber security to counter possible cyber terrorism, help boost confidence in the Internet and address the costs of virus attacks to businesses, Haugaard said.
The proposal must complete an "interagency" commission approval process before heading to the other bodies. The private-sector source predicted that the whole bureaucratic process would conclude later next year.
Privacy, Copyright Issues Garner Attention
Another issue before the European Union is the privacy directive, which requires companies to protect EU citizens' personal data. The European Commission is reviewing the directive for possible changes. A recent commission conference on the issue brought complaints from several member states and some in the private sector, but sources said significant changes are unlikely.
Christopher Kuner, a partner at the Hunton and Williams law firm in Brussels, Belgium, said he expects EU officials will seek small changes and ways of reinterpreting existing regulations. Two areas they may address are notifications to individuals that their data is being processed and codes of conduct for data transfers, he said.
On the related issue of data retention, debate continues on whether there should be a harmonized approach among EU nations on how much time data should be kept in order to combat crime. Current EU rules say traffic data should be deleted or made anonymous after it is no longer necessary for billing purposes, which ranges widely from country to country. There is currently an exemption on a case-by-case basis for national security reasons.
EU nations also face a Dec. 22 deadline for implementing a copyright directive, but only a few -- such as the Netherlands, Austria, the United Kingdom and Belgium -- have a chance of making it, according to lawyers at Morrison and Foerster.
Karen Retzer, an attorney at the Brussels office, said exceptions to restrictions on using copyrighted material, such as the "fair use" exception that allows private copies for personal use, are the main reason for the delays. A looming question is how to compensate rights holders for the exceptions -- through systems that mandate technologies for managing digital rights, through levies or otherwise, she said.
Retzer said a consumer-credit directive launched Sept. 11 that would update existing laws with rules for data protection also is troublesome. The proposed directive would remove the positive benefit to consumers of paying their credit bills on time, marking only the negative effects, she said. It also could add obligations for lenders, possibly slowing the process, she said. The draft is headed for parliamentary debate.
Chat About The VAT Continues
Another issue of concern to U.S. businesses is the EU value-added tax (VAT) on business-to-consumer online transactions. While the U.S. government appears to have retreated from the issue, U.S. industry sources remain concerned about the ability to comply when the VAT takes effect next summer.
Joe Tasker, senior vice president for government affairs at the Information Technology Association of America, said in order to comply, U.S. companies will have to determine on their Web sites whether customers are businesses or consumers. Businesses will have to provide their VAT numbers.
In addition, he said, the 15 EU nations have different VAT rates, which U.S. companies will have to account for in order to profit. If the company varies its prices, it would have to use still-unreliable geolocation software confirm buyers' locations, he said.
Separately, offers continue to arrive from organizations interested in managing the .eu domain-name registry, which is expected to launch next year. With a submission deadline of Oct. 31, Haugaard said there are a sufficient number of applications already to make a "fair and equitable" selection by the end of the year.
The European Commission also is analyzing the state of the telecommunications market to determine what level of government intervention is necessary, much like the United States. Europe is in favor of competition, innovation and a "light-touch" legal framework, Haugaard said. "We are not in favor of state aid intervention that can distort competition."
NEW FEATURE
-Advertisement-
-Advertisement-
-Advertisement-
