BETA

Activities of Maite PAGAZAURTUNDÚA related to 2022/0084(COD)

Opinions (1)

OPINION on the proposal for a regulation of the European Parliament and of the Council on information security in the institutions, bodies, offices and agencies of the Union
2023/01/30
Committee: AFCO
Dossiers: 2022/0084(COD)
Documents: PDF(211 KB) DOC(141 KB)
Authors: [{'name': 'Maite PAGAZAURTUNDÚA', 'mepid': 125038}]

Amendments (23)

Amendment 40 #
Proposal for a regulation
Recital 2
(2) While progress has been made towards more consistent rules for the protection of European Union classified information (‘EUCI’) and non-classified information, the interoperability of the relevant systems remains limited, preventing a seamless transfer of information between the different Union institutions and bodies. Further efforts should therefore be made to enable aAn interinstitutional approach to the sharing of EUCI and sensitive non-classified information should be set up, with common categories of information and common key handling principles. A baseline should also be envisaged to simplify pProcedures for sharing EUCI and sensitive non-classified information between Union institutions and bodies and with Member States should be simplified.
2023/09/07
Committee: LIBE
Amendment 42 #
Proposal for a regulation
Recital 3
(3) Therefore, relevant rules ensuring a common level of information security in all Union institutions and bodies should be laid down. They should constitute a comprehensive and coherent general framework for protecting EUCI and non- classified information, and should ensure equivalence of basic principles and common minimum standards.
2023/09/07
Committee: LIBE
Amendment 43 #
Proposal for a regulation
Recital 3 a (new)
(3a) This Regulation lays down rules applicable to the administration of the all Union institutions and bodies, but it does not include the Commissioners, the Representatives of Member States acting within the Council, the Members of the European Parliament, the Judges of the Union Courts or the Members of the European Court of Auditors who are subject to their internal rules.
2023/09/07
Committee: LIBE
Amendment 48 #
Proposal for a regulation
Recital 3 b (new)
(3b) In order to ensure the effectiveness of this Regulation it would be appropriate to assess whether the internal rules applicable to Commissioners, the Representatives of Member States acting within the Council, the Members of the European Parliament, the Judges of the Union Courts or the Members of the European Court of Auditors are in line with the common minimum level of protection established by this Regulation and make the modifications needed, if this is not the case.
2023/09/07
Committee: LIBE
Amendment 50 #
Proposal for a regulation
Recital 3 c (new)
(3c) Access to information in a secure manner and in a context of mutual trust is essential for the European co-legislators to exercise their functions and not to be restricted in the exercise of their democratic functions; Members of the European Parliament exercise this legislative function and their access to information should therefore be governed by rules comparable in requirements to the common minimum standards established by this Regulation.
2023/09/07
Committee: LIBE
Amendment 63 #
Proposal for a regulation
Recital 12
(12) The principle of information security risk management should be at the core of the policy to be developed in the field by each Union institution and body. While the common minimum requirements laid down in this Regulation must be met, each Union institution and body should adopt specific security measures for protecting information in accordance with the results of an internal risk assessment. In the same way, the technical means to protect the information should be adapted to the specific situationneeds and specificities of each institution and body.
2023/09/07
Committee: LIBE
Amendment 67 #
Proposal for a regulation
Recital 15
(15) Since Union institutions and bodies frequently make use of contractors and outsourcing, it is important to establish common provisions relating to contractors’ personnel carrying out tasks related to information security. Such provisions should include, inter alia, a requirement in the tender procedures to undergo thorough vetting, taking into account the full range of the supply chain and economic and political environment in which the third parties operate. Where the relationships with third parties pose a risk to the integrity of democratic processes in the EU, they should be terminated without undue delay.
2023/09/07
Committee: LIBE
Amendment 75 #
Proposal for a regulation
Article 1 – paragraph 1
1. This Regulation lays down common minimum information security rules for all Union institutions and bodies.
2023/09/07
Committee: LIBE
Amendment 79 #
Proposal for a regulation
Article 2 – paragraph 1 a (new)
1a. This Regulation does not apply to the Commissioners, the Representatives of Member States acting within the Council, the Members of the European Parliament, the Judges of the Union Courts or the Members of the European Court of Auditors. In order to ensure the effectiveness of the Regulation and not to create any gap within the information security system or any discrepancies among people within the same institution, this institutions and bodies shall adopt internal rules aligned with this Regulation.
2023/09/07
Committee: LIBE
Amendment 86 #
Proposal for a regulation
Article 4 – paragraph 4 – point d
(d) integrity: the fact that the information is complete and completeness of information is unaltered and the fact that the technical infrastructure used to share information is protected from any foreign interference;
2023/09/07
Committee: LIBE
Amendment 90 #
Proposal for a regulation
Article 6 – paragraph 1 – subparagraph 2 a (new)
The appointed members of the Coordination Group shall be adequately gender and geographically balanced.
2023/09/07
Committee: LIBE
Amendment 92 #
Proposal for a regulation
Article 6 – paragraph 2 – point e a (new)
(ea) monitor compliance by Union institutions and bodies with this Regulation as well as with the guidance documents established pursuant to point (c) through the adoption of a yearly evaluation report, which shall compile input from the relevant sub-groups.
2023/09/07
Committee: LIBE
Amendment 95 #
Proposal for a regulation
Article 6 – paragraph 7
7. Union institutions and bodies shall bring to the attention of the Coordination Group any significant information security policy development within their organisation without undue delay.
2023/09/07
Committee: LIBE
Amendment 98 #
Proposal for a regulation
Article 8 – paragraph 1
1. Each Union institution and body shall designate a Security Authority to assume the responsibilities assigned by this Regulation and, where applicable, by its internal security rules monitor and ensure compliance by each Union institution or body concerned with the guidance documents adopted by the Coordination Group. In performing its tasks, each Security Authority shall have the support of the department or officer entrusted with Information Security tasks.
2023/09/07
Committee: LIBE
Amendment 101 #
Proposal for a regulation
Article 12 – paragraph 2
2. Union institutions and bodies mayshall mark with ‘PUBLIC USE’ the information referred to in paragraph 1.
2023/09/07
Committee: LIBE
Amendment 110 #
Proposal for a regulation
Article 16 – paragraph 1 – point e a (new)
(ea) monitoring compliance by Union institutions and bodies with the relevant provisions of this Regulation as well as with the guidance documents adopted by the Coordination Group.
2023/09/07
Committee: LIBE
Amendment 113 #
2a. In the event of any doubt as to the confidential nature of an item of information or its level of classification or in the event of a disagreement in between the European institutions, they shall consult each other without any delay and before transmission of this item of information. In these consultations, institutions shall be represented by the chair of the body concerned or the responsible for security matters. In the event of a disagreement, the matter shall be referred to the Presidents of the institutions so that they may resolve the dispute.
2023/09/07
Committee: LIBE
Amendment 126 #
Proposal for a regulation
Article 28 – paragraph 1 – point d a (new)
(da) monitoring compliance by Union institutions and bodies with the relevant provisions of this Regulation as well as with the guidance documents adopted by the Coordination Group.
2023/09/07
Committee: LIBE
Amendment 142 #
Proposal for a regulation
Article 40 – paragraph 1 – point c a (new)
(ca) monitoring compliance by Union institutions and bodies with the relevant provisions of this Regulation as well as with the guidance documents adopted by the Coordination Group.
2023/09/07
Committee: LIBE
Amendment 150 #
Proposal for a regulation
Article 52 – paragraph 2
2. The sub-group on EUCI sharing and exchange of classified information shall be composed of representatives from the European Parliament, the Commission, the Council and the European External Action Service and shall work by consensus.
2023/09/07
Committee: LIBE
Amendment 156 #
Proposal for a regulation
Article 60 – paragraph 2
2. All Union institutions and bodies that have been assessed either by Commission or, European Parliament, Council or EEAS before the [dd/mm/yyyy date of applicability], as suitable to handle and store EUCI, shall be considered as meeting the conditions referred to in Article 19(1).
2023/09/07
Committee: LIBE
Amendment 158 #
Proposal for a regulation
Article 61 – paragraph 1
1. By [dd/mm/yyyy 32 years after the date of application] at the latest, the Commission shall present a report on the implementation of this Regulation to the European Parliament and the Council.
2023/09/07
Committee: LIBE
Amendment 159 #
Proposal for a regulation
Article 61 – paragraph 2
2. No sooner than [53 years after the date of application] and every 5 years thereafter, the Commission shall carry out an evaluation of this Regulation and present a report on the main findings to the European Parliament and the Council.
2023/09/07
Committee: LIBE