New Approaches to Network and Information Security Regulation: The EU Telecoms Package

2010 ◽  
Vol 11 (2) ◽  
Author(s):  
Lukas Feiler
Keyword(s):  
Risk Mitigation ◽  
Fundamental Problem ◽  
Personal Data ◽  
Security Measures ◽  
Electronic Communications ◽  
Communications Networks ◽  
Security Breaches ◽  
National Regulatory Authority ◽  
New Policies ◽  
The Eu

AbstractThe ePrivacyDirective and the FrameworkDirective as amended by the EU Telecoms Package introduce, for the first time, obligations for providers of public communications networks and for providers of publicly available electronic communications services to notify certain personal data security breaches and certain network security breaches to subscribers, individuals concerned, and/or the competent national (regulatory) authority. This paper analyzes the conditions under which different types of security breaches will have to be notified and to whom this notification will have to be addressed. The paper will conclude with a riskbased assessment of these new security breach notification requirements, examining to what extent they not only allow users to take corrective security measures and regulators to make informed policy choices, but also to what extent the new policies address the fundamental problem of the misalignment of risk and risk mitigation capability.

scholarly journals CYBERSECURITY OF THE REPUBLIC OF MOLDOVA: A RETROSPECTIVE FOR THE PERIOD 2015-2020

2021 ◽  
Vol IV(1) ◽  
Author(s):  
Dinu Turcanu ◽  
◽  
Natalia Spinu ◽  
Serghei Popovici ◽  
Tatiana Turcanu ◽  
...  
Keyword(s):  
Social Life ◽  
Information Technologies ◽  
Personal Data ◽  
Economic Life ◽  
Security Threat ◽  
Electronic Communications ◽  
Communications Networks ◽  
Republic Of Moldova ◽  
The Republic ◽  
The Impact

The process of implementing information technologies in all areas of economic, political, social life, etc. in the Republic of Moldova has also determined the evolution of cybercrime. New “virtual” dimensions of national infrastructure are being formed, which are becoming more and more important for local and international politics. As a result, in recent years it has been found that computer systems, networks and data are being used more and more frequently for criminal purposes, and the materials that could be evidence of these crimes are also stored and transmitted through these networks by perpetrators. Cybercrime, espionage, propaganda, diversion and excessive exploitation of personal data through electronic communications networks are used as basic tools at all stages of designing a hybrid security threat. Cyberspace-specific threats are characterized by asymmetry and accentuated dynamics and global character, which makes them difficult to identify and counteracted by measures proportional to the impact of the materialization of risks. Moldova is currently facing threats from cyberspace at the address of critical infrastructures, given the increasing interdependence between cyber infrastructures and infrastructures such as those in the financial banking, transport, energy and national defense sectors. The globality of cyberspace is likely to amplify the risks to them by affecting both the sector to the same extent private as well as public. Threats to cyberspace can be classified in several ways, but the most commonly used are those based on motivational factors and the impact on society. In the prevailing conditions cybersecurity is becoming one of the most important areas for ensuring internal security and the effective operation of state institutions in all spheres of social and economic life.

scholarly journals The Impact of EURODAC in EU Migration Law: The Era of Crimmigration?

2019 ◽  
Vol 3 (1) ◽  
pp. 157-183 ◽  
Author(s):  
Benedita Menezes Queiroz
Keyword(s):  
Law Enforcement ◽  
Personal Data ◽  
Public Security ◽  
Security Measures ◽  
Legal Regime ◽  
Irregular Migrants ◽  
Access To Data ◽  
The Impact ◽  
Migration Law ◽  
The Eu

Counter-terrorism and public security measures have significantly altered EU immigration law. Under the premise that EU instruments which regulate EU immigration databases influence the legal regime of irregularity of migrants’ statuses, the present article argues that the latest developments in the area of data technology contribute to the phenomenon of “crimmigration”. This is so not only because they may generate a sort of “digital illegality” due to their impact on the categorisation of migrants, but also because they enable a conflation of treatment of irregularity, asylum seeking and criminality. This article focuses on the recent amendments and proposals for amendments to the EURODAC Regulation, a database that regulates the asylum fingerprint system in the EU. This is revealing of the ongoing broadening of the purpose of that data and law enforcement access to the collected information. The argument finds its basis in three main trends common to these databases: the erosion of the principle of purpose limitation, the widening of access to data by law enforcement authorities, and the digitalisation of borders through biometrics. Ultimately, this article claims that the level of surveillance of certain categories of migrants that may cross the borders of the EU puts at risk the distinction between illegally staying irregular migrants and criminals, given that the treatment of their personal data is insufficiently clear in practice.

scholarly journals Requirements of EU law enforcement agencies for lawful interception of information in electronic communications networks

2021 ◽  
pp. 115-120
Author(s):  
S. КOKIZA ◽  
V. STEPANOV
Keyword(s):  
Law Enforcement ◽  
Communication Networks ◽  
Electronic Communication ◽  
Eu Law ◽  
Law Enforcement Agencies ◽  
Electronic Communications ◽  
Communications Networks ◽  
Normative Documents ◽  
Lawful Interception ◽  
The Eu

The article is devoted to the analysis of regulatory and legal acts and normative documents of the EU on information interception in electronic communication networks in the context of preparation of technical regulations of the united system of technical means.

scholarly journals Telecommunications networks

2017 ◽  
Vol 18 (3-4) ◽  
pp. 175-197 ◽  
Author(s):  
Serge J.H. Gijrath
Keyword(s):  
High Speed ◽  
Innovation Policy ◽  
Market Regulation ◽  
Electronic Communications ◽  
Communications Networks ◽  
Playing Field ◽  
Technological Developments ◽  
Policy Objectives ◽  
Regulatory Measures ◽  
The Eu

This article assesses the innovation policy objectives underlying the proposed European Union (EU) Telecom Single Market regulation considering disruptive technological developments. The article explores the network operator’s dilemma how to deal with investments in a time where fundamental innovation comes from outside and the regulator’s dilemma how to improve the conditions for access to the operators’ networks and how to safeguard a level playing field. The EU measures with respect to two technological issues are discussed considering the EU’s policy objectives with respect to the deployment of 5G and the goal to ensure very high-speed broadband access in the EU. Thought is given to the effectiveness of imposing active and passive infrastructure arrangements. A mix of regulatory measures is considered in moving towards smarter electronic communications networks regulation.

scholarly journals Risk Analysis and Data Protection Impact Assessment Conducted in the Public Sector

2020 ◽  
Vol 6 (2) ◽  
pp. 145-157
Author(s):  
Aleksandra Olender
Keyword(s):  
Public Sector ◽  
Risk Analysis ◽  
Impact Assessment ◽  
Risk Estimation ◽  
Personal Data ◽  
Security Measures ◽  
The Public ◽  
It Systems ◽  
Council Regulation ◽  
The Eu

The European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC, introduced a new one, a proactive model of protection of personal data processed in the organization, based on a risk-based approach. It imposed some new obligations on the administrators, related to conducting analysis of the risk of violation of the rights and freedoms of the persons, whose data they process. Considering the scope, scale and categories of personal data processed, public sector entities face a huge challenge to meet the restrictions of the EU legislator. An additional difficulty is often a very extensive organizational structure, complicated processing processes, limited financial resources and unadjusted IT systems. The article discusses the issues of risk analysis and impact assessment for the protection of personal data processed in the public sector, in order to meet the requirements of the GDPR. The key issue in this respect is the adoption of an appropriate methodology in the risk estimation process, because properly carried out, it enables the implementation of security measures adequate to potential threats.

“Beyond Mobistar” – Assessment of the Deterrent Effect of Direct Charges to Telephone Subscribers under Article 30(2) of the Universal Service Directive

2011 ◽  
Vol 2 (2) ◽  
pp. 279-282
Author(s):  
Markus Berliner
Keyword(s):  
Regulatory Authority ◽  
Maximum Amount ◽  
Mobile Telephone ◽  
Universal Service ◽  
Deterrent Effect ◽  
Electronic Communications ◽  
Communications Networks ◽  
National Regulatory Authority ◽  
Number Portability ◽  
A Charge

Article 30(2) of Directive 2002/22/EC of the European Parliament and of the Council of 7 March 2002 on universal service and users’ rights relating to electronic communications networks and services (Universal Service Directive [USD]) is to be interpreted as obliging the national regulatory authority to take account of the costs incurred by mobile telephone network operators in implementing the number portability service when it assesses whether the direct charge to subscribers for the use of that service is a disincentive. However, it retains the power to fix the maximum amount of that charge levied by operators at a level below the costs incurred by them, when a charge calculated only on the basis of those costs is liable to dissuade users from making use of the portability facility (official headnote).

scholarly journals RISK ANALYSIS AND DATA PROTECTION IMPACT ASSESSMENT CONDUCTED IN THE PUBLIC SECTOR

2020 ◽  
Vol 1(14)/2020 (1(14)/2020) ◽  
pp. 45-57
Author(s):  
Aleksandra OLENDER
Keyword(s):  
Public Sector ◽  
Risk Analysis ◽  
Impact Assessment ◽  
Risk Estimation ◽  
Personal Data ◽  
Security Measures ◽  
The Public ◽  
It Systems ◽  
Council Regulation ◽  
The Eu

The European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC introduced a new one, a proactive model of protection of personal data processed in the organization, based on a risk-based approach. It imposed on the administrators new obligations related to conducting analyzes of the risk of violation of the rights and freedoms of persons whose data they process. Considering the scope, scale and categories of personal data processed, public sector entities face a huge challenge to meet the restrictions of the EU legislator. An additional difficulty is often a very extensive organizational structure, complicated processing processes, limited financial resources and unadjusted IT systems. The article discusses issues of risk analysis and impact assessment for the protection of personal data processed in the public sector in order to meet the requirements of the GDPR. The key issue in this respect is the adoption of an appropriate methodology in the risk estimation process, because properly carried out it enables the implementation of security measures adequate to potential threats.

Sign in / Sign up

Export Citation Format

Share Document