Activities of Baroness Sarah LUDFORD related to 2013/2188(INI)
Plenary speeches (2)
US NSA surveillance programme, surveillance bodies in various Member States and impact on EU citizens' fundamental rights (debate)
US NSA surveillance programme, surveillance bodies in various Member States and impact on EU citizens' fundamental rights (debate)
Amendments (25)
Amendment 226 #
Motion for a resolution
Paragraph 30
Paragraph 30
30. Takes the view that, as under the current circumstances the Safe Harbour principl if by the announced deadline there is no satisfactory response from the US authorities dto not provide adequate protecthe Commission's 13 recommendations for EU citizensstrengthened safeguards within the current Safe Harbour, these transfers should be carried out under other instruments, such as contractual clauses or BCRs setting out specific safeguards and protections pending the replacement of Safe Harbour by a new framework for transatlantic transfers which meets European privacy standards;
Amendment 230 #
Motion for a resolution
Paragraph 31
Paragraph 31
31. Calls on the Commission to present measures providing for the immediate suspension ofa proposal for a new framework for transatlantic transfers which meets European privacy standards to replace Commission Decision 520/2000, which declared the adequacy of the Safe Harbour privacy principles, and of the related FAQs issued by the US Department of Commerce;
Amendment 232 #
Motion for a resolution
Paragraph 32
Paragraph 32
32. Calls on Member States’' competent authorities, namely the data protection authorities, to make use of their existing powers and immediately suspend data flows to any organisation that has wrongly or deceptively self- certified its adherence to the US Safe Harbour Principles and to require that such data flows are only carried out under other instruments, provided they contain the necessary safeguards and protections with respect to the protection of the privacy and fundamental rights and freedoms of individuals;
Amendment 234 #
Motion for a resolution
Paragraph 33
Paragraph 33
33. Calls on the Commission to present by June 2014 a comprehensive assessment of the US privacy framework covering commercial, law enforcement and intelligence activities in response to the fact that the EU and the US legal systems for protecting personal data are drifting apart and a strategy for convergence on the basis of high and enforceable privacy standards;
Amendment 359 #
Motion for a resolution
Paragraph 77
Paragraph 77
77. Points out that recent incidents clearly demonstrate the acute vulnerability of the EU, and in particular the EU institutions, national governments and parliaments, major European companies, European IT infrastructures and networks, to sophisticated attacks using complex software and malware; notes that these attacks require such financial and human resources that they are likely to originate from state entities acting on behalf of foreign governments or even from certain EU national governments that support them; in this context, regards the case of the hacking or tapping of the telecommunications company Belgacom as a worrying example of an attack against the EU’s IT capacity;
Amendment 364 #
Motion for a resolution
Paragraph 78
Paragraph 78
78. Takes the view that the mass surveillance revelations that have initiated this crisis can be used as an opportunity for Europe to take the initiative and build up an autonomous strong IT key-resource capability for the mid term; calls on the Commission and the Member States to use public procurement as leverage to support such resource capability in the EU by making EUthe strongest possible international security and privacy standards a key requirement in the public procurement of IT goods and services;
Amendment 369 #
Motion for a resolution
Paragraph 80
Paragraph 80
80. Calls on all the Members States, the Commission, the Council and the European Council to address the EU’s dangerous lack of autonomy in terms ofgive the fullest support to development of European innovative and technological capability in IT tools, companies and providers (hardware, software, services and network), including for purposes of cybersecurity and encryption and cryptographic capabilities;
Amendment 372 #
Motion for a resolution
Paragraph 81
Paragraph 81
81. Calls on the Commission, standardisation bodies and ENISA to develop, by September 2014, minimum security and privacy standards which can set global benchmarks and guidelines for IT systems, networks and services, including cloud computing services, in order to better protect EU citizens’' personal data; believes that such standards should be set in an open and democratic process, not driven by a single country, entity or multinational company; takes the view that, while legitimate law enforcement and intelligence concerns need to be taken into account in order to support the fight against terrorism, they should not lead to a general undermining of the dependability of all IT systems;
Amendment 381 #
Motion for a resolution
Paragraph 84
Paragraph 84
84. Calls on the Commission, by January 2015 at the latest, to present an Action Plan to develop more EU independencenovative and technological capability in the IT sector, including a more coherent approach to boosting European IT technological capabilities (including IT systems, equipment, services, cloud computing, encryption and anonymisation) and to the protection of critical IT infrastructure (including in terms of ownership and vulnerability);
Amendment 385 #
Motion for a resolution
Paragraph 85
Paragraph 85
85. Calls on the Commission, in the framework of the next Work Programme of the Horizon 2020 Programme, to assess whether more resources should be directed towards boosting European research, development, innovation and training in the field of IT technologies, in particular privacy-enhancing technologies and infrastructures, cryptology, secure computing, open-sourcthe best possible security solutions and the Information Society;
Amendment 398 #
Motion for a resolution
Paragraph 87
Paragraph 87
87. Deems it necessary for the EU to be supported by an EU IT Academy that brings together the best European and international experts in all related fields, tasked with providing all relevant EU Institutions and bodies with scientific advice on IT technologies, including security-related strategies; as a first step asks the Commission to set up an independent scientific expert panel;
Amendment 406 #
Motion for a resolution
Paragraph 88 – point 2
Paragraph 88 – point 2
· the inclusion in tender procedures for new IT systems of best practice specific IT security/privacy requirements, including the possibility of a requirement for Open Source Software as a condition of purchase from among the widest possible choice of software options;
Amendment 408 #
Motion for a resolution
Paragraph 88 – point 3
Paragraph 88 – point 3
· the list of US companies under contract with the European Parliament in the IT and telecom fields, taking into account revelations about NSA contracts with a company such as RSA, whose products the European Parliament is using to supposedly protect remote access to their data by its Members and staffany information that has come to light about their cooperation with intelligence agencies;
Amendment 411 #
Motion for a resolution
Paragraph 88 – point 4
Paragraph 88 – point 4
· the reliability and resilience of third-party commerciall software used by the EU institutions in their IT systems with regard to penetrations and intrusions by EU or third-country law enforcement and intelligence authorities;
Amendment 412 #
Motion for a resolution
Paragraph 88 – point 5
Paragraph 88 – point 5
· the use of more open-soand maintenance of the most securce systems and fewer off-the-shelf commercial systembased on relevant international standards, best practice security risk management principles and adherence to EU Network Information Security standards including on security breaches;
Amendment 417 #
Motion for a resolution
Paragraph 88 – point 10
Paragraph 88 – point 10
· the option for use of cloud storagecomputing and storage services by the EP, including what kind of data is stored on the cloud, how the content and access to it is protected and where the cloud is located, clarifying the applicable data protection legal regime;
Amendment 419 #
Motion for a resolution
Paragraph 88 – point 13
Paragraph 88 – point 13
· an analysis of the benefits of using the GNU Privacy Guard as a default encryption standard for emails which would at the same time allow for the use of digital signatures;
Amendment 424 #
Motion for a resolution
Paragraph 92
Paragraph 92
92. Calls on the Commission and the EEAS to take action at the international level, with the UN in particular, and in cooperation with interested partners (such as Brazil), and to implement an EU strategy for democratic governance of the internet in order to prevent undue influence over ICANN’s and IANA’s activities by any individual entity, company or country by ensuring appropriate representation of all interested parties in these bodies, while avoiding the facilitation of state control or censorship or the 'balkanisation' and fragmentation of the internet;
Amendment 425 #
Motion for a resolution
Paragraph 93
Paragraph 93
93. Calls for the overall architecture of the internet in terms of data flows and storage to be reconsidered, striving for more data minimisation and transparency and less centralised mass storage of raw data, as well as avoiding unnecessary routing of traffic through the territory of countries that do not meet basic standards on fundamental rights, data protection and privacEU to take the lead in shaping the architecture of the internet such as to facilitate global exchanges and interconnection while maximising citizens' freedom and data security;
Amendment 474 #
Motion for a resolution
Paragraph 110
Paragraph 110
110. Calls on the Commission to present, in January 2015 at the latest, an EU strategy for democratic governance of the internet while avoiding the facilitation of state control or censorship or the 'balkanisation' and fragmentation of the internet;
Amendment 478 #
Motion for a resolution
Paragraph 112
Paragraph 112
112. Calls on the Member States to develop a coherent and strong strategy within the United Nations, supporting in particular the resolution on ‘The right to privacy in the digital age’ initiated by Brazil and Germany, as adopted by the third UN General Assembly Committee (Human Rights Committee) on 27 November 2013 but avoiding the facilitation of state control or censorship or the 'balkanisation' and fragmentation of the internet;
Amendment 489 #
Motion for a resolution
Paragraph 114 – point 3
Paragraph 114 – point 3
Action 3: Suspend Safe Harbour until a full review has been conducted andif by the announced deadline there is no satisfactory response from the US authorities to the Commission's 13 recommendations for strengthened safeguards which remedy current loopholes are remedied, making sure that transfers of personal data for commercial purposes from the Union to the US can only take place in compliance with highest EU standards;
Amendment 491 #
Motion for a resolution
Paragraph 114 – point 3 a (new)
Paragraph 114 – point 3 a (new)
Action 3a: The Commission to present a proposal for a new framework for transatlantic transfers which meets European privacy standards to replace Safe Harbour;
Amendment 503 #
Motion for a resolution
Paragraph 114 – point 6
Paragraph 114 – point 6
Action 6: Develop a European strategy for IT independencegreater IT innovative and technological capability (at national and EU level);
Amendment 508 #
Motion for a resolution
Paragraph 114 – point 7
Paragraph 114 – point 7
Action 7: Develop the EU as a reference player for a democratic and neutral governance of the internet while avoiding the facilitation of state control or censorship or the 'balkanisation' and fragmentation of the internet;