Activities of Axel VOSS related to 2013/2188(INI)
Legal basis opinions (0)
Amendments (105)
Amendment 7 #
Motion for a resolution
Citation 37 a (new)
Citation 37 a (new)
– having regard to the Presidential Policy Directive/PPD-28 on Signals Intelligence Activities of 17th January 2014,
Amendment 8 #
Motion for a resolution
Citation 40 a (new)
Citation 40 a (new)
– having regard to the working document 1 on the US and EU Surveillance programmes and their impact on EU citizens fundamental rights,
Amendment 9 #
Motion for a resolution
Citation 40 b (new)
Citation 40 b (new)
– having regard to the working document 3 on the relation between the surveillance practices in the EU and the US and the EU data protection provisions,
Amendment 10 #
Motion for a resolution
Citation 40 c (new)
Citation 40 c (new)
– having regard to the working document 4 on US Surveillance activities with respect to EU data and its possible legal implications on transatlantic agreements and cooperation,
Amendment 11 #
Motion for a resolution
Citation 40 d (new)
Citation 40 d (new)
– having regard to the working document 5 on Democratic oversight of Member State intelligence services and of EU intelligence bodies,
Amendment 19 #
Motion for a resolution
Recital B
Recital B
B. whereas mutual trust and understanding are key factors in the transatlantic dialogue, partnership and relations;
Amendment 24 #
Motion for a resolution
Recital C
Recital C
C. whereas in September 2001 the world entered a new phase which resulted in the fight against terrorism being listed among the top priorities of most governments; whereas the revelations based on leaked documents from Edward Snowden, former NSA contractor, put democratically electedput political leaders under an obligation to address the challenges of the increasing capabilities of intelligence agencies in surveillance activities and their implications for the rule of law in a democratic society;
Amendment 68 #
Motion for a resolution
Recital P
Recital P
P. whereas, under the ECHR, Member States’ agencies and even private parties acting in the field of national security under certain circumstances also have to respect the rights enshrined therein, be they of their own citizens or of citizens of other States; whereas this also goes for cooperation with other States’ authorities in the field of national security;
Amendment 71 #
Motion for a resolution
Recital Q
Recital Q
Q. whereas the extra-territorial application by a third country of its laws, regulations and other legislative or executive instruments in situations falling under the jurisdiction of the EU or its Member States may impact on the established legal order and the rule of law, or even violate international or EU law, including the rights of natural and legal persons, taking into account the extent and the declared or actual aim of such an application; whereas, in these exceptional circumstances, it is necessary to take action at the EU level to ensure that the rule of law, and the rights of natural and legal persons are respected within the EU, in particularfor example by removing, neutralising, blocking or otherwise countering the effects of the foreign legislation concerned;
Amendment 72 #
Motion for a resolution
Recital R
Recital R
Amendment 74 #
Motion for a resolution
Recital R a (new)
Recital R a (new)
Ra. whereas the transfer of data is not geographically limited and especially in terms of increasing globalisation and worldwide communication the EU legislator is confronted with new challenges in terms of protecting personal data and communication, therefore it is of utmost importance to foster legal frameworks on common standards;
Amendment 75 #
Motion for a resolution
Recital R b (new)
Recital R b (new)
Rb. whereas the mass collection of personal data for commercial purposes and in the fight against terror and serious transnational crime put at risk the personal data and privacy rights of EU citizens;
Amendment 76 #
Motion for a resolution
Recital S
Recital S
S. whereas the US data protection legal framework does notshould ensure an adequate level of protection for EU citizens;
Amendment 77 #
Motion for a resolution
Recital U a (new)
Recital U a (new)
Ua. whereas in its working document 4 on US Surveillance activities with respect to EU data and its possible legal implications on transatlantic agreements and cooperation of 12 December 2013 the Rapporteurs expressed doubts and concerns as to the adequacy of the Safe Harbour and called on the Commission to end the adequacy of Safe Harbour and to find new legal solutions;
Amendment 85 #
Motion for a resolution
Recital AJ a (new)
Recital AJ a (new)
AJa. whereas terrorist finance tracking is an essential tool in the fight against terrorism financing and serious crime, allowing counter terrorism investigators to discover links between targets of investigation and other potential suspects connected with wider terrorist networks suspected of financing terrorism;
Amendment 86 #
Motion for a resolution
Recital AK
Recital AK
Amendment 88 #
Motion for a resolution
Recital AK a (new)
Recital AK a (new)
AKa. whereas the Commission outlined in its communication on a European terrorist finance tracking system (TFTS) that an own system would decrease the dependence from foreign intelligence providers and could strengthen the EU's own analytical capacity to track and identify terrorists through financial transactions whilst upholding and safeguarding the fundamental rights as enshrined in the Charter of Fundamental rights of the European Union;
Amendment 90 #
Motion for a resolution
Recital AM
Recital AM
AM. whereas during the LIBE delegation to Washington of 28-31 October 2013 the delegation met with the US Department of the Treasury; whereas the US Treasury officially stated that since the entry into force of the TFTP Agreethe US government (the NSA is in that sense considered part of the government it) hads not had access to data from SWIFT in the EU except within the framework of the TFTP; whereas the US Treasury refused to comment on whether SWIFT data would have been accessed outside TFTP by any obeen collecting and processing SWIFT data in any other way than as recognised in the agreement, whereas the US Department of the Treasury also gave assurances in relation to access to SWIFT formatted messages in accordance with other legal tools in place; whereas ther US government body or departDepartment of the Treasury did not comment or n whether the US administrationor not it was aware of NSA mass surveillance activities; whereas on 18 Dec24 September 2013 Mr Glenn GreenwEuropol and SWIFT officialds stated before the LIBE Committee inquiry that the NSA and GCHQ had targeted SWIFT networksre were no indications for a breach of the TFTP Agreement by the NSA;
Amendment 93 #
Motion for a resolution
Recital AP
Recital AP
AP. whereas the Joint Review fails to mention the fact that iArticle 13 of the agreement between the United States of America and the European Union on the cause of proceassieng of personal data for intelligence purposes, under US law, non- US citizens do not enjoy any judicial or administrative avenue to protect their rights, and constitutional protections are only granted to US persons; whereas this lack of judicial or administrative rights nullifies the protections for EU citizens laid down in the existing PNR agreementer name records to the United States Department of Homeland Security allows any individual regardless of nationality, country or origin, or place of residence, whose personal data and personal information has been processed and used in a manner inconsistent with the PNR Agreement, to seek effective administrative and judicial redress in accordance with US law;
Amendment 94 #
Motion for a resolution
Recital AR
Recital AR
AR. whereas the purpose of this general agreement is to establish the legal framework for all transfers of personal data between the EU and US for the sole purposes of preventing, investigating, detecting or prosecuting criminal offences, including terrorism, in the framework of police and judicial cooperation in criminal matters; whereas negotiations were authorised by the Council on 2 December 2010; whereas this agreement is of utmost importance and it would act as the basis to facilitate data transfer in the context of police and judicial cooperation and in criminal matters;
Amendment 95 #
Motion for a resolution
Recital AS
Recital AS
AS. whereas this agreement should provide for clear and precise legally binding data- processing principles and should in particular recognise EU citizens’' right to judicial access, rectification and erasure of their personal data in the US, as well as the right to an efficient administrative and judicial redress mechanism for EU citizens in the US and independent oversight of the data- processing activities;
Amendment 124 #
Motion for a resolution
Paragraph 1
Paragraph 1
1. Considers that recent revelations in the press by whistleblowers and journalists, together with the expert evidence given during this inquiry, have resulted in compelling evidence of the existence of far-reaching, complex and highly technologically advanced systems designed by US and some Member States’ intelligence services to collect, store and analyse communication and location data and metadata of all citizens around the world on an unprecedented scale and in an indiscriminate and non-suspicion-based manner; recalls the importance of strengthening the existing structures in the Member States against mass surveillance; therefore considers of utmost importance a decentralised structure for the purpose of data retention;
Amendment 127 #
Motion for a resolution
Paragraph 2
Paragraph 2
2. Points specifically to US NSA intelligence programmes allowing for the mass surveillance of EU citizens through direct access to the central servers of leading US internet companies (PRISM programme), the analysis of content and metadata (Xkeyscore programme), the circumvention of online encryption (BULLRUN), access to computer and telephone networks and access to location data, as well as to systems of the UK intelligence agency GCHQ such as its upstream surveillance activity (Tempora programme) and decryption programme (Edgehill); believes that the existence of programmes of a similar nature, even if on a more limited scale, is likely in other EU countries such as France (DGSE), Germany (BND) and Sweden (FRA);
Amendment 135 #
Motion for a resolution
Paragraph 4
Paragraph 4
4. States that trust has been profoundly shaken: trust between the two transatlantic partners, trust among EU Member States, trust between citizens and their governments, trust in the respect of the rule of law, and trust in the security of IT services and communication; believes that in order to rebuild trust in all these dimensions a comprehensive plan is urgently neededof the utmost urgency;
Amendment 142 #
Motion for a resolution
Paragraph 5 a (new)
Paragraph 5 a (new)
5a. Recalls EU's firm belief in the need to strike the right balance between security measures and the protection of civil liberties and fundamental rights, while ensuring the utmost respect for privacy and data protection;
Amendment 152 #
Motion for a resolution
Paragraph 7
Paragraph 7
7. Questions the compatibility of some Member States’ mapossivble economic espionage activities with the EU internal market and competition law as enshrined in Title I and Title VII of the Treaty on the Functioning of the European Union; reaffirms the principle of sincere cooperation as enshrined in Article 4 paragraph 3 of the Treaty on European Union and the principle that the Member States shall ‘refrain from any measures which could jeopardise the attainment of the Union’s objectives’;
Amendment 157 #
Motion for a resolution
Paragraph 10
Paragraph 10
Amendment 161 #
Motion for a resolution
Paragraph 11
Paragraph 11
11. Is adamant that secret laws, treaties and courts violate the rule of law; pPoints out that any judgment of a court or tribunal and any decision of an administrative authority of a non-EU state authorising, directly or indirectly, surveillance activities such as those examined by this inquiry may not be automatically recognised or enforced, but must be submitted individually to the appropriate national procedures on mutual recognition and legal assistance, including rules imposed by bilateral agreements;
Amendment 165 #
Motion for a resolution
Paragraph 12
Paragraph 12
12. Points out that the abovementioned concerns are exacerbated by rapid technological and societal developments; considers that, since internet and mobile devices are everywhere in modern daily life (‘'ubiquitous computing’') and the business model of most internet companies is based on the processing of personal data of all kinds that puts at risk the integrity of the person, the scale of this problem is unprecedented;
Amendment 167 #
Motion for a resolution
Paragraph 13
Paragraph 13
13. Regards it as a clear finding, as emphasised by the technology experts who testified before the inquiry, that at the current stage of technological development there is no guarantee, either for EU public institutions or for citizens, that their IT security or privacy can be protected from intrusion by well-equipped third countries or EU intelligence agencies (‘no 100% IT security’); notes that this alarming situation can only be remedied if Europeans are willing to dedicate sufficient resources, both human and financial, to preserving Europe’'s independence and self-reliance;
Amendment 172 #
Motion for a resolution
Paragraph 14
Paragraph 14
14. Strongly rejects the notion that these issuall issues related to mass surveillance programmes are purely a matter of national security and therefore the sole competence of Member States; recalls a recent ruling of the Court of Justice according to which ‘although it is for Member States to take the appropriate measures to ensure their internal and external security, the mere fact that a decision concerns State security cannot result in European Union law being inapplicable’38 ; recalls further that the protection of the privacy of all EU citizens is at stake, as are the security and reliability of all EU communication networks; believes therefore that discussion and action at EU level is not only legitimate, but also a matter of EU autonomy and sovereignty; __________________ 38 No 1 BvR 518/02 of 4 April 2006. No 1 BvR 518/02 of 4 April 2006.
Amendment 190 #
Motion for a resolution
Paragraph 19
Paragraph 19
19. Calls on the US authorities and the EU Member States to prohibit blanket mass surveillance activities and bulkmass processing of personal data for intelligence;
Amendment 205 #
Motion for a resolution
Paragraph 20
Paragraph 20
20. Calls on certain EU Member States, including the UK, Germany, France, Sweden and the Netherlands, to revise whereif necessary their national legislation and practices governing the activities of intelligence services so as to ensure that they are in line with the standards of the European Convention on Human Rights and comply with their fundamental rights obligations as regards data protection, privacy and presumption of innocence; in particular, given the extensive media reports referring to mass surveillance in the UK, would emphasise that the current legal framework which is made up of a ‘complex interaction’ between three separate pieces of legislation – the Human Rights Act 1998, the Intelligence Services Act 1994 and the Regulation of Investigatory Powers Act 2000 – should be revised;
Amendment 215 #
Motion for a resolution
Paragraph 22
Paragraph 22
22. Calls on the Member States immediately to fulfil their positive obligation under the European Convention on Human Rights to take measures to protect their citizens from surveillance contrary to its requiremenwhich violates human rights, including when the aim thereof is to safeguard national security, undertaken by third states and to ensure that the rule of law is not weakened as a result of extraterritorial application of a third country’s law;
Amendment 217 #
Motion for a resolution
Paragraph 24
Paragraph 24
24. Calls on Member States to take appropriate action immediately, including court action, against the breach of their sovereignty, and thereby the violation of general public international law, perpetrated through the mass surveillance programmes; calls further on EU Member States to make use of all available international measures to defend EU citizens’' fundamental rights, notably by triggering the inter-state complaint procedure under Article 41 of the International Covenant on Civil and Political Rights (ICCPR);
Amendment 219 #
Motion for a resolution
Paragraph 25
Paragraph 25
25. Calls on the US to revise its legislation without delay in order to bring it into line with international law, to recognise the privacy and other rights of EU citizens, to provide for judicial redress for EU citizens, to put rights of EU citizens on an equal footing with rights of US citizens and to sign the Additional Protocol allowing for complaints by individuals under the ICCPR;
Amendment 223 #
Motion for a resolution
Paragraph 28
Paragraph 28
28. Notes that the companies identified by media revelations as being involved in the large-scale mass surveillance of EU data subjects by US NSA are companies that have self-certified their adherence to the Safe Harbour, and that the Safe Harbour is the legal instrument used for the transfer of EU personal data to the US (Google, Microsoft, Yahoo!, Facebook, Apple, LinkedIn); expresses its concerns on the fact that these organisations admitted that they do not encrypt information and communications flowing between their data centres, thereby enabling intelligence services to intercept information39 ; welcomes in this regard the subsequent efforts by some US companies to accelerate plans to encrypt data flows among their global data centres; __________________ 39 The Washington Post, 31 October 2013.
Amendment 234 #
Motion for a resolution
Paragraph 33
Paragraph 33
33. Calls on the Commission to present by June 2014 a comprehensive assessment of the US privacy framework covering commercial, law enforcement and intelligence activities in response to the fact that the EU and the US legal systems for protecting personal data are drifting apart and a strategy for convergence on the basis of high and enforceable privacy standards;
Amendment 246 #
Motion for a resolution
Paragraph 44
Paragraph 44
44. Takes the view that the information provided by the European Commission and the US Treasury does not clarify whether US intelligence agencies have access to SWIFT financial messages in the EU by intercepting SWIFT networks or banks’ operating systems or communication networks, alone or in cooperation with EU national intelligence agencies and without having recourse to existing bilateral channels for mutual legal assistance and judicial cooperationclarify that there were no elements showing that the US Government has acted in a manner contrary to the provisions of the Agreement, and that the US has provided written assurance that no direct data collection has taken place contrary to the provisions of the TFTP Agreement;
Amendment 248 #
Motion for a resolution
Paragraph 45
Paragraph 45
Amendment 264 #
Motion for a resolution
Paragraph 48
Paragraph 48
48. Asks for an immediate resumption of the negotiations with the US on the ‘'Umbrella Agreement’', which should provide for clearput rights for EU citizens on an equal footing with rights for EUS citizens and, moreover the agreement should provide effective and enforceable administrative and judicial remedies for all EU citizens in the US without any discrimination;
Amendment 265 #
Motion for a resolution
Paragraph 49
Paragraph 49
49. Asks the Commission and the Council not to initiate any new sectorial agreements or arrangements for the transfer of personal data for law enforcement purposes with the US as long as the ‘'Umbrella Agreement’' has not entered into force;
Amendment 270 #
Motion for a resolution
Paragraph 52 a (new)
Paragraph 52 a (new)
52a. Recalls that the concepts of 'privacy by design' and 'privacy by default' are a strengthening of data protection and should be the guidelines for all products, services and systems provided in the internet;
Amendment 271 #
Motion for a resolution
Paragraph 52 b (new)
Paragraph 52 b (new)
52b. Considers higher transparency and safety standards for online and telecommunication as a necessary principal towards a better data protection regime, therefore calls on the Commission to bring forward a legal proposal on standardized general terms and conditions for online and telecommunications and to mandate a supervisory body to monitor the compliance of the general terms and conditions;
Amendment 277 #
Motion for a resolution
Paragraph 54
Paragraph 54
54. Reiterates its serious concerns about the compulsory direct disclosure of EU personal data of EU citizens and information processed under cloud agreements to third-country authorities by cloud providers subject to third-country laws or using storage servers located in third countries, and about direct remote access to personal data and information processed by third-country law enforcement authorities and intelligence services; suggests the creation of a reliable EU cloud, or if necessary a "Schengen cloud", as an useful tool in strengthening EU based IT systems against external threats; relaying on binding legal provisions ensuring that cloud data must be processed within in EU territory and without leaving EU borders;
Amendment 293 #
Motion for a resolution
Paragraph 59
Paragraph 59
59. Strongly emphasises, given the importance of the digital economy in the relationship and in the cause of rebuilding EU-US trust, that the European Parliament will only consent to the final TTIP agreement provided the agreement guarantees fully respects for EU fundamental rights recognised by the EU Charter, and that thestandards; supports a high level of protection of the privacy of individuals in relation to the processing and dissemination of personal data must continue to be governed by Article XIV of the GATS;and complies with the General Agreement on Trade in Services (GATS) provisions on the protection of personal data; (In conformity with Art. 13 of European Parliament resolution of 23 May 2013 on EU trade and investment negotiations with the United States of America (2013/2558(RSP)))
Amendment 296 #
Motion for a resolution
Paragraph 59
Paragraph 59
59. Strongly emphasises, given the importance of the digital economy in the relationship and in the cause of rebuilding EU-US trust, that the European Parliament will only consent to the final TTIP agreement provided inter alia the agreement guarantees fully respects for EU fundamental rights recognised by the EU Charter, and that the protection of the privacy of individuals in relation to the processing and dissemination of personal data must continue to be governed by Article XIV of the GATSstandards as well as a high level of protection of personal data in relation to the processing and dissemination according to the provisions of the General Agreement on Trade in Services (GATS) on the protection of personal data, which should benefit consumers on both sides of the Atlantic;
Amendment 297 #
Motion for a resolution
Paragraph 59
Paragraph 59
59. Strongly emphasises, given the importance of the digital economy in the relationship and in the cause of rebuilding EU-US trust, that the European Parliament will only consent to the final TTIP agreement provided theand distinguishes clearly the TTIP negotiations from revelations on the US NSA mass surveillance programme; however the TTIP agreement shall fully respects fundamental rights recognised by the EU Charter, and that the protection of the privacy of individuals in relation to the processing and dissemination of personal data must continue to be governed by Article XIV of the GATS;
Amendment 298 #
Motion for a resolution
Paragraph 59 a (new)
Paragraph 59 a (new)
59a. European Counter Intelligence policy (New heading for additional paragraphs)
Amendment 299 #
Motion for a resolution
Paragraph 59 b (new)
Paragraph 59 b (new)
59b. Urges Member States to immediately launch a process of setting up permanent structures to better cooperate in the field of counter intelligence at European level on, at first, a multilateral basis taking the conception of Europol in its first years as a blueprint;
Amendment 300 #
Motion for a resolution
Paragraph 59 c (new)
Paragraph 59 c (new)
59c. This European Counter Intelligence Service should be set up in order to protect the European citizens, EU institutions, national governments and parliaments, major European companies, European IT infrastructures and networks as well as European universities, science and research from spying. Therefore, calls on those Member States to provide for an active involvement of EU stakeholders in industries, businesses and science within this structure in order to assure an information and knowledge exchange between the European Counter Intelligence Service, Member State's counter intelligence services and European economical key players.
Amendment 301 #
Motion for a resolution
Paragraph 59 d (new)
Paragraph 59 d (new)
59d. Strongly demands this concept of a European Counter Intelligence Service to be added into the Treaties when being reformed the next time in order to assure a European oversight mechanism and involvement of the European Parliament in the decision making.
Amendment 312 #
Motion for a resolution
Paragraph 62
Paragraph 62
62. Calls for the setting up of a high-level group to strengthenUrges willing Member States for the setting up of a permanent cooperation in the field of counter intelligence at EU level, combined with a proper oversight mechanism ensuring both democratic legitimacy and adequate technical capacity; stresses that the high-level group should cooperate closely with national parliaments in order to propose further steps to be taken for increased oversight collaboration in the EUuropean level on, at first, a multilateral basis taking the conception of Europol in its first years as a blueprint. This European counter intelligence cooperation should be set up in order to protect the European citizens, economy, businesses and science from spying. This should be combined with a proper oversight mechanism ensuring democratic legitimacy;
Amendment 332 #
Motion for a resolution
Paragraph 70
Paragraph 70
70. Calls on the Commission to present, by September 2014, a proposal for an EU security clearance procedure for all EU office holders to the extent necessary, as the current system, which relies on the security clearance undertaken by the Member State of citizenship, provides for different requirements and lengths of procedures within national systems, thus leading to differing treatment of Members of Parliament and their staff depending on their nationality;
Amendment 336 #
Motion for a resolution
Paragraph 72
Paragraph 72
72. Calls on the Europol Joint Supervisory Body, together with national data protection authorities, to conduct a joint inspectionreview before the end of 2014 in order to ascertain whether information and personal data shared with Europol has been lawfully acquired by national authorities, particularly if the information or data was initially acquired by intelligence services in the EU or a third country, and whether appropriate measures are in place to prevent the use and further dissemination of such information or data;
Amendment 337 #
Motion for a resolution
Paragraph 72 a (new)
Paragraph 72 a (new)
72a. Welcomes the work of the specialised EU agencies and bodies in the field of IT security such as Europol's Cybercrime Centre (EC3), Eurojust, ENISA, CERT- EU and eu-LISA; reminds that the actions and support provided by these agencies deliver a direct added value for the EU and its Member States; deplores that many of these agencies still lack resources to fulfil their mandate while requests for support rise; calls on the Commission to reflect these necessities in the draft budget for 2015;
Amendment 338 #
Motion for a resolution
Paragraph 73
Paragraph 73
73. Calls on Europol to ask the competent authorities of the Member States, in linaccordance with its competencesmandate, to initiate investigations with regard to possible cybercrimes and cyber attacks committed by governments or private actors in the course of the activities under scrutiny;
Amendment 339 #
Motion for a resolution
Paragraph 73
Paragraph 73
73. Calls on Europol to ask the competent authorities of the Member States, in line with its competences, to initiate investigations with regard to possible cybercrimes and cyber attacks committed by governments or private actors in the course of the activities under scrutiny; calls on the Commission review the activities of the European Cybercrime Centre and to put forward if necessary a proposal for a comprehensive framework for strengthening the competences of the European Cybercrime Centre;
Amendment 347 #
Motion for a resolution
Paragraph 75
Paragraph 75
Amendment 352 #
Motion for a resolution
Paragraph 76
Paragraph 76
Amendment 357 #
Motion for a resolution
Paragraph 77
Paragraph 77
77. Points out that recent incidents clearly demonstrate the acute vulnerability of the EU, and in particular the EU institutions, national governments and parliaments, major European companies, European IT infrastructures and networks as well as European universities, science and research, to sophisticated attacks using complex software; notes that these attacks require such financial and human resources that they are likely to originate from state entities acting on behalf of foreign governments or even from certain EU national governments that support them; in this context, regards the case of the hacking or tapping of the telecommunications company Belgacom as a worrying example of an attack against the EU’'s IT capacity which clearly demonstrates the urgent need of a better protection through a European Counter Intelligence Service;
Amendment 363 #
Motion for a resolution
Paragraph 78
Paragraph 78
78. Takes the view that the mass surveillance revelations that have initiated this crisis can be used as an opportunity for Europe to take the initiative and build up an autonomous IT key-resource capability for the mid termas a strategic priority-one measure and as soon as possible; calls on the Commission and the Member States to use public procurement as leverage to support such resource capability in the EU by making EU security and privacy standards a key requirement in the public procurement of IT goods and services;
Amendment 364 #
Motion for a resolution
Paragraph 78
Paragraph 78
78. Takes the view that the mass surveillance revelations that have initiated this crisis can be used as an opportunity for Europe to take the initiative and build up an autonomous strong IT key-resource capability for the mid term; calls on the Commission and the Member States to use public procurement as leverage to support such resource capability in the EU by making EUthe strongest possible international security and privacy standards a key requirement in the public procurement of IT goods and services;
Amendment 366 #
Motion for a resolution
Paragraph 78
Paragraph 78
78. Takes the view that the mass surveillance revelations that have initiated this crisis can be used as an opportunity for Europe to take the initiative and build up an autonomous IT key-resource capability for the mid term; calls on the Commission and the Member States to use public procurement as leverage to support such resource capability in the EU by making EU security and privacy standards a key requirement in the public procurement of IT goods and services; therefore urges the Commission to review the current public procurement directives with regard to data based public procurement, in particular in the research sector; and to restrict public procurement only to certified companies; and only to EU companies if security interests or vital are involved;
Amendment 371 #
Motion for a resolution
Paragraph 80
Paragraph 80
80. Calls on all the Members States, the Commission, the Council and the European Council to address the EU’s dangerou's lack of autonomy in terms of IT tools, companies and providers (hardware, software, services and network), and encryption and cryptographic capabilities;
Amendment 372 #
Motion for a resolution
Paragraph 81
Paragraph 81
81. Calls on the Commission, standardisation bodies and ENISA to develop, by September 2014, minimum security and privacy standards which can set global benchmarks and guidelines for IT systems, networks and services, including cloud computing services, in order to better protect EU citizens’' personal data; believes that such standards should be set in an open and democratic process, not driven by a single country, entity or multinational company; takes the view that, while legitimate law enforcement and intelligence concerns need to be taken into account in order to support the fight against terrorism, they should not lead to a general undermining of the dependability of all IT systems;
Amendment 378 #
Motion for a resolution
Paragraph 82
Paragraph 82
82. Points out that both telecom companies and the EU and national telecom regulators have clearly neglected the IT security of their users and clients; calls on the Commission to make full use of its existing powers under the ePrivacy and Telecommunication Framework Directive to strengthen the protection of confidentiality of communication by adopting measures to ensure that terminal equipment is compatible with the right of users to control and protect their personal data, and to ensure a high level of security of telecommunication networks and services, including by way of requiring state-of-the-art encryption of communications;
Amendment 379 #
Motion for a resolution
Paragraph 83
Paragraph 83
83. Supports the EU cyber strategy but considers that it does not cover all possible threats and should be extended to cover malicious state behaviours; recalls that any necessary gain in powers and competences requires an equivalent increase in funding;
Amendment 383 #
Motion for a resolution
Paragraph 84 a (new)
Paragraph 84 a (new)
84a. Calls for the promotion of - EU search engines and EU social networks as a valuable step in the direction of EU's IT independency; - European IT-service provider; - encrypting communication in general including e-mail and sms communication; - European IT-key elements, for instance solutions for client-server-operating system, using open source standards, developing European elements for grid coupling, e.g. router;
Amendment 384 #
Motion for a resolution
Paragraph 84 b (new)
Paragraph 84 b (new)
84b. Calls on the Commission to present a proposal for a system of product certifying for hard- and software, because there is no structure in the EU for scrutinising hard- and software products regarding backdoors;
Amendment 385 #
Motion for a resolution
Paragraph 85
Paragraph 85
85. Calls on the Commission, in the framework of the next Work Programme of the Horizon 2020 Programme, to assess whether more resources should be directed towards boosting European research, development, innovation and training in the field of IT technologies, in particular privacy-enhancing technologies and infrastructures, cryptology, secure computing, open-sourcthe best possible security solutions and the Information Society;
Amendment 386 #
Motion for a resolution
Paragraph 85
Paragraph 85
85. Calls on the Commission, in the framework of the next Work Programme of the Horizon 2020 Programme, to assess whetherdirect more resources should be directed towards boosting European research, development, innovation and training in the field of IT technologies, in particular privacy-enhancing technologies and infrastructures, cryptology, secure computing, open-source security solutions and the Information Society; suggests to provide European companies, especially small and medium size enterprises, with financial and / or practical assistance as regards an optimal legal protection of European knowledge and research, for example in filing patent applications or bringing action against cyber-knowledge thefts;
Amendment 388 #
Motion for a resolution
Paragraph 85
Paragraph 85
85. Calls on the Commission, in the framework of the next Work Programme of the Horizon 2020 Programme, to assess whether more resources should be directed towards boosting European research, cyber security, development, innovation and training in the field of IT technologies, in particular privacy-enhancing technologies and infrastructures, the fight against cybercrime, cryptology, secure computing, open-source security solutions and the Information Society; considers that small and medium enterprises play a particular role in research;
Amendment 391 #
Motion for a resolution
Paragraph 85
Paragraph 85
85. Calls on the Commission, to strengthen the technological European infrastructure and the European digital market and therefore in the framework of the next Work Programme of the Horizon 2020 Programme, to assess whether; more resources should be directed towards boosting European research, development, innovation and training in the field of IT technologies, in particular privacy-enhancing technologies and infrastructures, cryptology, secure computing, open-source security solutions and the Information Society in order to make email and telecommunications safer; to promote the internal market for European soft- and hardware, and to promote cryptophones and to encrypt communication infrastructures;
Amendment 393 #
Motion for a resolution
Paragraph 86
Paragraph 86
86. Asks the Commission to map out current responsibilities and to review, by June 2014 at the latest, the need for a broader mandate, better coordination and/or additional resources and technical capabilities for Europol’s CyberCrime Centre, ENISA, CERT-EU and the EDPS in order to enable them to be more effective in preventing and investigating major IT breaches in the EU and in performing (or assisting Member States and EU bodies to perform) on-site technical investigations regarding major IT breaches;
Amendment 394 #
Motion for a resolution
Paragraph 86
Paragraph 86
86. Asks the Commission together with the European Parliament to map out current responsibilities and to review, by June 2014 at the latest, the need for a broader mandate, better coordination and/or additional resources and technical capabilities for Europol’s Cyber Crime Centre and other Union centres of specialised expertise, ENISA, CERT-EU and the EDPS in order to enable them to be more effective in investigating major IT breaches in the EU and in performing (or assisting Member States and EU bodies to perform) on-site technical investigations regarding major IT breaches;
Amendment 396 #
Motion for a resolution
Paragraph 86
Paragraph 86
86. Asks the Commission to map out current responsibilities and to review, by June 2014 at the latest, the need for a broader mandate, better coordination and/or additional resources and technical capabilities for Europol’'s CyberCrime Centre, ENISA, CERT-EU and the EDPS in order to enable them to be more effective in preventing and investigating major IT breaches in the EU and in performing (or assisting Member States and EU bodies to perform) on-site technical investigations regarding major IT breaches;
Amendment 397 #
Motion for a resolution
Paragraph 86 a (new)
Paragraph 86 a (new)
86a. Believes that ENISA should play a key role in securing European communication systems, therefore calls on the Commission, to present a legal proposal for the reform of ENISA, to strengthen its role in defending the internal systems within the EU institutions and to establish within ENISA's structure a Competent Emergency Response Team (CERT) for the EU and its Member States; in this regard recommends to consider a move of ENISA to Brussels;
Amendment 398 #
Motion for a resolution
Paragraph 87
Paragraph 87
87. Deems it necessary for the EU to be supported by an EU IT Academy that brings together the best European and international experts in all related fields, tasked with providing all relevant EU Institutions and bodies with scientific advice on IT technologies, including security-related strategies; as a first step asks the Commission to set up an independent scientific expert panel;
Amendment 399 #
Motion for a resolution
Paragraph 87
Paragraph 87
87. Deems it necessary for the EU to be supported by an EU IT Academy that brings together the best European experts in all related fields, tasked with providing all relevant EU Institutions and bodies with scientific advice on IT technologies, including security-related strategies; as a first step asks the Commission to set up an independent scientific expert panel;
Amendment 404 #
Motion for a resolution
Paragraph 88 – introductory part
Paragraph 88 – introductory part
88. Calls on the European Parliament’s General Secretariat to carry out, by September 2014 at the latest, a thorough review and assessment of the European Parliament’s IT security dependability focused on: budgetary means, staff resources, technical capabilities, internal organisation and all relevant elements, in order to achieve a high level of security for the EP’s IT systems; believes that such an assessment should at the least provide information analysis and recommendations on:
Amendment 406 #
Motion for a resolution
Paragraph 88 – point 2
Paragraph 88 – point 2
· the inclusion in tender procedures for new IT systems of best practice specific IT security/privacy requirements, including the possibility of a requirement for Open Source Software as a condition of purchase from among the widest possible choice of software options;
Amendment 407 #
Motion for a resolution
Paragraph 88 – point 2
Paragraph 88 – point 2
· the inclusion in tender procedures for new IT systems of specific IT security/privacy requirements, including the possibility of a requirement for Open Source Software as a condition of purchase or the requirement of trusted European companies to take part in the tender when sensitive, security- related areas are concerned;
Amendment 409 #
Motion for a resolution
Paragraph 88 – point 3
Paragraph 88 – point 3
· the list of non-EUS companies under contract with the European Parliament in the IT and telecom fields, taking into account revelations about NSA contracts with a company such as RSA, whose products the European Parliament is using to supposedly protect remote access to their data by its Members and staff;
Amendment 411 #
Motion for a resolution
Paragraph 88 – point 4
Paragraph 88 – point 4
· the reliability and resilience of third-party commerciall software used by the EU institutions in their IT systems with regard to penetrations and intrusions by EU or third-country law enforcement and intelligence authorities;
Amendment 413 #
Motion for a resolution
Paragraph 88 – point 5
Paragraph 88 – point 5
· the use of more open-source and EU- based systems and fewer off-the-shelf commercial systemsystems of companies from third countries;
Amendment 415 #
Motion for a resolution
Paragraph 88 – point 6
Paragraph 88 – point 6
· the impact ofsteps and measures to take in order to address the increased use of mobile tools (e.g. smartphones, tablets, whether professional or personal) and its effects on the IT security of the system;
Amendment 416 #
Motion for a resolution
Paragraph 88 – point 10
Paragraph 88 – point 10
· the use of cloud storage by the EP, including what kind of data is stored on the cloud, how the content and access to it is protected and where the cloud is-servers are located, clarifying the applicable data protection legal regime as well as an outlook on how it would be possible to assure that these cloud-servers are based on EU-territory only;
Amendment 417 #
Motion for a resolution
Paragraph 88 – point 10
Paragraph 88 – point 10
· the option for use of cloud storagecomputing and storage services by the EP, including what kind of data is stored on the cloud, how the content and access to it is protected and where the cloud is located, clarifying the applicable data protection legal regime;
Amendment 419 #
Motion for a resolution
Paragraph 88 – point 13
Paragraph 88 – point 13
· an analysis of the benefits of using the GNU Privacy Guard as a default encryption standard for emails which would at the same time allow for the use of digital signatures;
Amendment 421 #
Motion for a resolution
Paragraph 89
Paragraph 89
89. Calls on all the EU Institutions and agencies to perform a similar exercise in cooperation with ENISA, Europol and the CERTs, by December 2014 at the latest, in particular the European Council, the Council, the External Action Service (including EU delegations), the Commission, the Court of Justice and the European Central Bank; invites the Member States to conduct similar assessments;
Amendment 422 #
Motion for a resolution
Paragraph 91
Paragraph 91
91. Takes the view that the large-scale IT systems used in the area of freedom, security and justice, such as the Schengen Information System II, the Visa Information System, Eurodac and possible future systems, should be developed and operated in such a way as to ensure that data is not compromised as a result of US requests under the Patriot Actby authorities from third countries; asks eu- LISA to report back to Parliament on the reliability of the systems in place by the end of 2014;
Amendment 425 #
Motion for a resolution
Paragraph 93
Paragraph 93
93. Calls for the overall architecture of the internet in terms of data flows and storage to be reconsidered, striving for more data minimisation and transparency and less centralised mass storage of raw data, as well as avoiding unnecessary routing of traffic through the territory of countries that do not meet basic standards on fundamental rights, data protection and privacEU to take the lead in shaping the architecture of the internet such as to facilitate global exchanges and interconnection while maximising citizens' freedom and data security;
Amendment 429 #
Motion for a resolution
Paragraph 93 a (new)
Paragraph 93 a (new)
93a. Calls on the Commission to present a legal proposal for a EU-routing-system; a EU processing of call detail record (CDR); notes that all routing data and CDR should be processed in accordance with EU legal frameworks and without leaving the EU borders;
Amendment 431 #
Motion for a resolution
Paragraph 94
Paragraph 94
94. Calls on the Member States, in cooperation with ENISA, Europol’s CyberCrime Centre, CERTs and national data protection authorities and cybercrime units, and to develop a culture of security and to start an education and awareness- raising campaign in order to enable citizens to make a more informed choice regarding what personal data to put on line and how better to protect them, including through ‘digital hygiene’, encryption and safe cloud computing, making full use of the public interest information platform provided for in the Universal Service Directive;
Amendment 454 #
Motion for a resolution
Paragraph 106 a (new)
Paragraph 106 a (new)
106 a. Calls on the Commission to present an action plan for the establishment of a Single European Digital Area (SEDA), including commercial data, data used for law enforcement and intelligence purposes;
Amendment 464 #
Motion for a resolution
Paragraph 108
Paragraph 108
108. Is aware that some EU Member States are pursuing bilateral communication with the US authorities on spying allegations, and that some of them have concluded (United Kingdom) or envisage concluding (Germany, France) so-called ‘'anti-spying’' arrangements; underlines that these Member States need to observe fully the interests of the EU as a whole; therefore calls for a EU no-spy-agreement between Member States and a no-spy-agreement with third countries including an obligation for no spying on politicians, research and economy;
Amendment 468 #
Motion for a resolution
Paragraph 109 a (new)
Paragraph 109 a (new)
109a. Considers tap-proof communication structures (email and telecommunications, including landlines and cell phones) and tap-proof meeting rooms within all relevant EU institutions and EU delegations as absolutely necessary; therefore calls for the establishment of an encrypted internal EU email-system;
Amendment 472 #
Motion for a resolution
Paragraph 109 b (new)
Paragraph 109 b (new)
109b. Calls on the European Parliament to implement in its rules of procedure a structure for inquiry committees with equal competences as implemented in some Member States by their national parliaments;
Amendment 495 #
Motion for a resolution
Paragraph 114 – point 4
Paragraph 114 – point 4
Action 4: Suspend the TFTP agreement until (i) the Umbrella Agreement negotiations have been concluded; (ii) a thorough investigation has been concluded on the basis of an EU analysis, and all concerns raised by Parliament in its resolution of 23 October have been properly addressedto conclude the on-going negotiations on a data protection agreement for law enforcement purposes ("umbrella agreement") soon as possible;
Amendment 501 #
Motion for a resolution
Paragraph 114 – point 5
Paragraph 114 – point 5
Action 5: Protect the rule of law and, the fundamental rights of EU citizens, with a particular focus on threats to the freedom of the press and professional confidentiality (including lawyer-client relations) as well as enhanced protection for whistleblowers;
Amendment 503 #
Motion for a resolution
Paragraph 114 – point 6
Paragraph 114 – point 6
Action 6: Develop a European strategy for IT independencegreater IT innovative and technological capability (at national and EU level);
Amendment 504 #
Motion for a resolution
Paragraph 114 – point 6
Paragraph 114 – point 6
Action 6: Develop a European strategy for IT independence (at national and EU level) and to initiate a programme for growth for the IT industry which enables the European companies to develop and deliver products in all security related areas;
Amendment 514 #
Motion for a resolution
Paragraph 115 – point 1
Paragraph 115 – point 1
April-July 2014: a monitoring group based on the LIBE inquiry team responsible for monitoring any new revelations in the media concerning the inquiry’'s mandate and scrutinising the implementation of this resolution;
Amendment 518 #
Motion for a resolution
Paragraph 115 – point 4
Paragraph 115 – point 4