Activities of Marietje SCHAAKE related to 2016/0295(COD)
Plenary speeches (1)
Control of exports, transfer, brokering, technical assistance and transit of dual-use items (debate)
Amendments (111)
Amendment 58 #
Proposal for a regulation
Title 1
Title 1
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL setting up a Union regime for the control of exports, transfer, brokering , technical assistance and transit of dual-use items and cyber-surveillance technologies (recast)
Amendment 60 #
Proposal for a regulation
Recital 5
Recital 5
(5) Considering the emergence of new categories of dual-use items, and iertain cyber-surveillance technologies have emerged as a new category of items that have been used to directly interfere with human rights, including the right to privacy, the right to data protection, freedom of expression and freedom of assembly and association, by monitoring or exfiltrating data without obtaining a specific, informed and unambiguous authorization of the owner or administrator of the system and/or by incapacitating or damaging the targeted system. In response to calls from the European Parliament, and indicationsevidence that certain cyber-surveillance technologies exported from the Unionools have been misused by persons complicit in or responsible for directing or committing serious violations of international human rights law or international humanitarian law in situations of armed conflict or internal repression, it is appropriate to control the export of those technologies in order to protect public security as well as public morals. These measures should not go beyond what is proportionate. They should, in particular, not prevent the export of information and communication technology used for legitimate purposes, including law enforcement and internet security research. The Commission, in close consultations with the Member States and stakeholders, will develop guidelines to support the practical applications of those controls. countries where serious human rights violations have been established, it is appropriate to control the export of those technologies. Serious human rights violations refer to situations as described in the User's Guide to Council Common Position 2008/944/CFSP1a and equipment, as endorsed by the Foreign Affairs Council on 20 July 2015. _______________________ 1aCouncil Common Position 2008/944/CFSP of 8 December 2008 defining common rules governing control of exports of military technology and equipment (OJ L 335, 13.12.2008, p. 99).
Amendment 65 #
Proposal for a regulation
Recital 6
Recital 6
(6) As a result, it is also appropriate to revise the definition of dual-use items, and to introduce a definition of cyber- surveillance technology. It should also be clarified that assessment criteria for the control of exports of dual-use items include considerations regarding their possible misuse in connecand cyber- surveillance technology takes into account the direct and indirect impact of these technologies on human rights, as well as their impact on the prevention withof acts of terrorism or human rights violations, as reflected in the User's Guide to Council Common Position 2008/944/CFSP1a. _______________________ 1aCouncil Common Position 2008/944/CFSP of 8 December 2008 defining common rules governing control of exports of military technology and equipment (OJ L 335, 13.12.2008, p. 99).
Amendment 69 #
Proposal for a regulation
Recital 6 a (new)
Recital 6 a (new)
(6a) These measures should not go beyond what is necessary and proportionate. They should, in particular, not prevent the export of information and communication technology used for legal purposes, including law enforcement and network and security research for the purposes of authorised testing or the protection of information security systems. The Commission, in close consultations with the Member States and stakeholders, should develop guidelines to support the practical applications of those controls.
Amendment 70 #
Proposal for a regulation
Recital 7
Recital 7
(7) Transmission of dual-use and cyber-surveillance software and technology by means of electronic media, fax or telephone to destinations outside the Union should also be controlled. In order to limit the administrative burden for exporters and the competent authorities of the Member States, the definition of export should however be revised to exclude transmissions which do not pose a grave risk of proliferation or other misuse covered by this Regulation.
Amendment 72 #
Proposal for a regulation
Recital 7 a (new)
Recital 7 a (new)
(7a) Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation) obliges data protection controllers and processors to implement technical measures to ensure a level of security appropriate to the risk of processing, including by the encryption of personal data. Since that Regulation stipulates that it applies to the processing of personal data regardless of whether the processing takes place within the Union or not, there is a strong incentive for the Union to remove cryptography items from the control list in order to facilitate the implementation of the General Data Protection Regulation, and increase the competitiveness of European businesses in this context. Additionally, the current level of control on encryption runs counter to the fact that encryption is a key means to ensure that citizens, businesses and governments can protect their data against criminals and other malicious actors, to secure access to services that are crucial for the functioning of the Digital Single Market, and to enable secure communications, which are necessary to protect the right to privacy, the right to data protection and the freedom of expression, in particular for human rights defenders. _______________________ 1aRegulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Amendment 73 #
Proposal for a regulation
Recital 8
Recital 8
(8) Considering that various categories of persons may be involved in the export of dual-use items and cyber-surveillance technologies, including natural persons such as service providers, researchers, consultants and persons transmitting dual- use items electronically, the definition of exporter, and its application to natural persons, should be clarified.
Amendment 75 #
Proposal for a regulation
Recital 9
Recital 9
(9) The scope of "catch-all controls", that apply to non-listed dual use items and cyber-surveillance technologies in specific circumstances, should be clarified and harmonised, and should address the risk of terrorismt acts and human rights violations. Appropriate exchange of information and consultations on "catch all controls" should ensure the effective and consistent application of controls throughout the Union. Targeted catch-all controls should also apply, under certain conditions, to the export of cyber- surveillance technology.
Amendment 80 #
Proposal for a regulation
Recital 12
Recital 12
(12) Regulation (EC) No 428/2009 provides for a possibility for Member States’ authorities to prohibit on a case-by- case basis the transit of non-Union dual- use items or cyber-surveillance technologies, where they have reasonable grounds for suspecting from intelligence or other sources that the items are or may be intended in their entirety or in part for proliferation of weapons of mass destruction or of their means of delivery. For reasons of effectiveness and consistency, transit controls should be harmonised and apply also in order to prevent acts of terrorism and human rights violations.
Amendment 81 #
Proposal for a regulation
Recital 13
Recital 13
(13) Licensing conditions and requirements, including the period of validity and licensing timelines for individual and global authorisations, should be harmonised in order to avoid distortions of competition and ensure the consistent and effective application of controls throughout the Union. To this effect, it is also necessary to ensure a clear determination of the competent authority in all control situations The responsibility for deciding on individual, global or national general export authorisations, on authorisations for brokering services and technical assistance , as well as on transits of non-Union dual-use items or cyber- surveillance technologies, lies with national authorities.
Amendment 83 #
Proposal for a regulation
Recital 16
Recital 16
(16) Common lists of dual-use items, cyber-surveillance technologies, destinations and guidelines are essential elements for an effective export control regime.
Amendment 84 #
Proposal for a regulation
Recital 16 a (new)
Recital 16 a (new)
(16a) Considering the rapid advance of technological developments, it is appropriate that the Union introduces controls on certain types of cyber- surveillance technologies on the basis of a unilateral list, in Section B of Annex I. Given the importance of the multilateral export control system, it is appropriate that Section B of Annex I is limited in scope only to cyber-surveillance technologies and does not contain any duplications with Section A of Annex I .
Amendment 87 #
Proposal for a regulation
Recital 17
Recital 17
(17) Decisions to update the common list of dual-use items subject to export controls in Section A of Annex I should be in conformity with the obligations and commitments that Member States and the Union have accepted as members of the relevant international non-proliferation regimes and export control arrangements, or by ratification of relevant international treaties. Decisions to update the common list of dual-use itemcyber-surveillance technologies subject to export controls in Section B of Annex I, such as cyber-surveillance technology, should be made in consideration of the risks that the export of such items may pose as regards the commissuse for violations of serious violinternations ofal human rights law or international humanitarian law in countries where serious human rights violations have been established, or the essential security interests of the Union and its Member States. Decisions to update the common list of dual-use items subject to export controls in Section B of Annex IV should be made in consideration of the public policy and public security interests of the Member States under Article 36 of the Treaty on the Functioning of the European Union. Decisions to update the common lists of items and destinations set out in Sections A to J of Annex II should be made in consideration of the assessment criteria set out in this Regulation.
Amendment 89 #
Proposal for a regulation
Recital 18
Recital 18
(18) In order to allow for a swift Union response to changing circumstances as regards the assessment of the sensitivity of exports under Union General Export Authorisations as well as technological and commercial developments, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission in respect of amending Sections A and B of Annex I, Annex II and Section B of Annex IV to this Regulation. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement on Better Law-Making of 13 April 2016. In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council should receive all documents at the same time as Member States' experts, and their experts systematically should have access to meetings of Commission expert groups dealing with the preparation of delegated acts.
Amendment 91 #
Proposal for a regulation
Recital 19
Recital 19
(19) National provisions and decisions affecting exports of dual-use items and cyber-surveillance technologies should be taken in the framework of the common commercial policy, and in particular Regulation (EU) 2015/479 of the European Parliament and of the Council16 . Appropriate exchange of information and consultations on national provisions and decisions should ensure the effective and consistent application of controls throughout the Union. __________________ 16 Regulation (EU) 2015/479 of the European Parliament and of the Council on common rules for exports (OJ L83, 27.03.2015, p. 34).
Amendment 92 #
Proposal for a regulation
Recital 22 a (new)
Recital 22 a (new)
(22a) Given the importance of accountability and public scrutiny of export control activities, it is appropriate that Member States should make publicly available all relevant licensing data.
Amendment 94 #
Proposal for a regulation
Recital 25
Recital 25
(25) Outreach to the private sector and transparency are essential elements for an effective export control regime. It is therefore appropriate to provide for the continued development of guidanceelines to support the application of this Regulation and for the publication of an annual report on the implementation of controls, in line with current practice. Given the importance of guidelines for the interpretation of some elements of this Regulation, it is appropriate that these guidelines shall be publicly available when this Regulation enters into force.
Amendment 99 #
Proposal for a regulation
Recital 27
Recital 27
(27) Each Member State should determine effective, proportionate and dissuasive penalties applicable in the event of breach of the provisions of this Regulation. It is desirable to achieve a level-playing field and a coherent approach and therefore it is appropriate that penalties in each Member State are similar in nature and effect. It is also appropriate to introduce provisions to tackle specifically instances of illicit trafficking of dual-use items in order to support effective enforcement of controls.
Amendment 104 #
Proposal for a regulation
Article 1 – paragraph 1
Article 1 – paragraph 1
This Regulation sets up a Union regime for the control of exports, brokering , technical assistance, transit and transfer of dual-use items and cyber-surveillance technologies.
Amendment 110 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 – point b
Article 2 – paragraph 1 – point 1 – point b
Amendment 115 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
Article 2 – paragraph 1 – point 1 a (new)
1a. 'cyber-surveillance technology' shall mean items which can be used to directly interfere with human rights, including the right to privacy, the right to free speech and the freedom of assembly and association, or which can be used for the commission of serious violations of human rights law or international humanitarian law, or can pose a threat to international security or the essential security of the Union and its Member States and which are specially designed to enable the covert intrusion into information and telecommunication systems with a view to monitoring, exfiltrating, collecting and analysing data and/or incapacitating or damaging the targeted system without the specific, informed and unambiguous authorisation of the owner or the administrator of the systems. This includes items related to the following technology and equipment: (a) mobile telecommunication interception equipment (b) intrusion software (c) monitoring centers (d) lawful interception systems and data retention systems
Amendment 118 #
Proposal for a regulation
Article 2 – paragraph 1 – point 3 – –subparagraph 2
Article 2 – paragraph 1 – point 3 – –subparagraph 2
Where the benefit of a right to dispose of the dual-use item or cyber-surveillance technology belongs to a person resident or established outside the Union pursuant to the contract on which the export is based, the exporter shall be considered to be the contracting party resident or established in the Union.
Amendment 119 #
Proposal for a regulation
Article 2 – paragraph 1 – point 4
Article 2 – paragraph 1 – point 4
4. ‘export declaration’ shall mean the act whereby a person indicates in the prescribed form and manner the wish to export dual-use items or cyber- surveillance technologies specified in points 1 and 2;
Amendment 120 #
Proposal for a regulation
Article 2 – paragraph 1 – point 5 a (new)
Article 2 – paragraph 1 – point 5 a (new)
(5a) 'end-user' shall mean any natural or legal person or entity that is the final recipient and user of the exported dual- use items or cyber-surveillance technologies.
Amendment 121 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6 – subparagraph 1 – point a
Article 2 – paragraph 1 – point 6 – subparagraph 1 – point a
(a) the negotiation or arrangement of transactions for the purchase, sale or supply of dual-use items or cyber- surveillance technologies from a third country to any other third country, or
Amendment 122 #
Proposal for a regulation
Article 2 – paragraph 1 – point – 6 – subparagraph 1 – point b
Article 2 – paragraph 1 – point – 6 – subparagraph 1 – point b
(b) the selling or buying of dual-use items and cyber-surveillance technologies that are located in third countries for their transfer to another third country.
Amendment 127 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10 – introductory part
Article 2 – paragraph 1 – point 10 – introductory part
10. ‘transit’ shall mean a transport of non-Union dual-use items or cyber- surveillance technologies entering and passing through the customs territory of the Union with a destination outside the Union including items:
Amendment 128 #
Proposal for a regulation
Article 2 – paragraph 1 – point 11
Article 2 – paragraph 1 – point 11
11. ‘individual export authorisation’ shall mean an authorisation granted to one specific exporter for one end user or consignee in a third country and covering one or more dual-use items or cyber- surveillance technologies;
Amendment 129 #
Proposal for a regulation
Article 2 – paragraph 1 – point 12
Article 2 – paragraph 1 – point 12
12. ‘global export authorisation’ shall mean an authorisation granted to one specific exporter in respect of a type or category of dual-use item or cyber- surveillance technology which may be valid for exports to one or more specified end users in one or more specified third countries;
Amendment 132 #
Proposal for a regulation
Article 2 – paragraph 1 – point 13
Article 2 – paragraph 1 – point 13
13. 'large project authorisation' shall mean a global export authorisation granted to one specific exporter, in respect of a type or category of dual-use item or cyber- surveillance technology which may be valid for exports to one or more specified end users in one or more specified third countries for the duration of a specified project the realisation of which exceeds one year;
Amendment 135 #
Proposal for a regulation
Article 2 – paragraph 1 – point 15
Article 2 – paragraph 1 – point 15
15. ‘Union general transfer authorisation’ shall mean an authorisation granted for transfers of certain dual-use items or cyber-surveillance technologies between Member States available to all operators who respect its conditions and requirements for use as listed in Section A of Annex IV;
Amendment 138 #
Proposal for a regulation
Article 2 – paragraph 1 – point 21
Article 2 – paragraph 1 – point 21
Amendment 157 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. An authorisation shall be required for the export of the dual-use items and cyber-surveillance technologies listed in Annex I.
Amendment 160 #
Proposal for a regulation
Article 3 – paragraph 2
Article 3 – paragraph 2
2. Pursuant to Article 4 or Article 8, an authorisation may also be required for the export to all or certain destinations of certain dual-use items or cyber- surveillance technologies not listed in Annex I.
Amendment 163 #
Proposal for a regulation
Article 4 – paragraph 1 – introductory part
Article 4 – paragraph 1 – introductory part
1. An authorisation shall be required for the export of dual-use items or cyber- surveillance technologies not listed in Annex I if the exporter has been informed by the competent authority that the items in question are or may be intended, in their entirety or in part:
Amendment 170 #
Proposal for a regulation
Article 4 – paragraph 1 – point d
Article 4 – paragraph 1 – point d
(d) for use by persons complicit in or responsible for directing or committing serious violations of international human rights law or international humanitarian law in situations of armed conflict or internal repression in the country of final destination, as identified by relevant public international institutions,countries where serious violations of human rights have been established by the competent bodies of the UN, the Council orf Europea, the Union or national competent authorities, and where there is evidence of the use of this or similar items for directing or implementing such serious violations by the proposed end-user;
Amendment 179 #
Proposal for a regulation
Article 4 – paragraph 1 – point e
Article 4 – paragraph 1 – point e
(e) for use in connection with acts of terrorismby persons, groups and entities involved in terrorist acts and subject to restrictive measures as laid down in Common position 2001/931/CFSP1a. _______________________ 1a Council Common Position 2001/931/CFSP of 27 December 2001 on the application of specific measures to combat terrorism (OJ L 344, 28.12.2001, p. 93–96).
Amendment 185 #
Proposal for a regulation
Article 4 – paragraph 2
Article 4 – paragraph 2
2. If an exporter, under his obligation to exercise due diligence, is aware that dual-use items or cyber-surveillance technologies which he proposes to export, not listed in Annex I, are intended, in their entirety or in part, for any of the uses referred to in paragraph 1, he must notify the competent authority, which will decide whether or not it is expedient to make the export concerned subject to authorisation.
Amendment 191 #
Proposal for a regulation
Article 4 – paragraph 3
Article 4 – paragraph 3
3. Authorisations for the export of non-listed items shall be granted for specific items and end-users. The authorisations shall be granted by the competent authority of the Member State where the exporter is resident or established or, in case when the exporter is a person resident or established outside the Union, by the competent authority of the Member State where the items are located. The authorisations shall be valid throughout the Union. The authorisations shall be valid for onetwo years, and may be renewed by the competent authority.
Amendment 195 #
Proposal for a regulation
Article 4 – paragraph 4 – subparagraph 1
Article 4 – paragraph 4 – subparagraph 1
A Member State which imposes an authorisation requirement, in application of paragraphs 1 , 2 and 3 on the export of a dual-use item or cyber-surveillance technology not listed in Annex I, shall immediately inform the other Member States and the Commission and provide them with the relevant information, in particular concerning the items and end- users concerned . The other Member States shall give all due consideration to this information and shall make known within 10 working days any objections they may have to the imposition of such an authorisation requirement. In exceptional cases, any Member State consulted may request an extension of the 10-day period. However, the extension may not exceed 30 working days.
Amendment 198 #
Proposal for a regulation
Article 4 – paragraph 4 – subparagraph 2
Article 4 – paragraph 4 – subparagraph 2
If no objections are received, the Member States consulted shall be considered to have no objection and shall impose authorisations requirements for all "essentially similar transactions". They shall inform their customs administration and other relevant national authorities about the authorisations requirements. Further, if no objections are received, the Commission shall assess the necessity to adopt delegated acts adding items referred to in paragraphs 1, 2 and 3 to Annex I and Section B of Annex IV in line with the procedures provided for in Article 16.
Amendment 201 #
Proposal for a regulation
Article 4 – paragraph 4 – subparagraph 3
Article 4 – paragraph 4 – subparagraph 3
If objections are received from any consultedt least four Member States representing at least 35% of the population of the Union, the requirement for authorisation shall be revoked unless the Member State which imposes the authorisation requirement considers that an export might prejudice its essential security interests, or risk being used by persons complicit in or responsible for directing or committing violations of international human rights law or international humanitarian law in countries where serious human rights violations have been established. In that case, that Member State may decide to maintain the authorisation requirement. This should be notified to the Commission and the other Member States without delay.
Amendment 204 #
Proposal for a regulation
Article 4 – paragraph 5
Article 4 – paragraph 5
5. The provisions of Article 15(1), (2) and (5) to (7) shall apply to cases concerning dual-use items or cyber- surveillance technologies not listed in Annex I.
Amendment 205 #
Proposal for a regulation
Article 5 – paragraph 1
Article 5 – paragraph 1
1. An authorisation shall be required for brokering services of dual-use items or cyber-surveillance technologies if the broker has been informed by the competent authority that the items in question are or may be intended, in their entirety or in part, for any of the uses referred to in Article 4(1).
Amendment 207 #
Proposal for a regulation
Article 5 – paragraph 2
Article 5 – paragraph 2
2. If a broker is aware that the dual- use items or cyber-surveillance technologies for which he proposes brokering services are intended, in their entirety or in part, for any of the uses referred to in Article 4(1), he must notify the competent authority which will decide whether or not it is expedient to make such brokering services subject to authorisation.
Amendment 211 #
Proposal for a regulation
Article 6 – paragraph 1
Article 6 – paragraph 1
1. The transit of non-Union dual-use items or cyber-surveillance technologies may be prohibited at any time by the competent authority of the Member State where the items are situated if the items are or may be intended, in their entirety or in part, for uses referred to in Article 4(1).
Amendment 213 #
Proposal for a regulation
Article 6 – paragraph 2 – subparagraph 1
Article 6 – paragraph 2 – subparagraph 1
Before deciding whether or not to prohibit a transit the competent authority may impose in individual cases an authorisation requirement for the specific transit of dual- use items or cyber-surveillance technologies if the items are or may be intended, in their entirety or in part, for uses referred to in Article 4(1).
Amendment 215 #
Proposal for a regulation
Article 7 – paragraph 1
Article 7 – paragraph 1
1. An authorisation shall be required for the provision, directly or indirectly, of technical assistance related to dual-use items and cyber-surveillance technologies, or related to the provision, manufacture, maintenance and use of dual- use items and cyber-surveillance technologies, if the supplier of technical assistance has been informed by the competent authority that the items in question are or may be intended, in their entirety or in part, for any of the uses referred to in Article 4.
Amendment 220 #
Proposal for a regulation
Article 7 – paragraph 2
Article 7 – paragraph 2
If a supplier of technical assistance is aware that the dual-use items or cyber- surveillance technologies for which he proposes to supply technical assistance are intended, in their entirety or in part, for any of the uses referred to in Article 4, he must notify the competent authority which will decide whether or not it is expedient to make such technical assistance subject to authorisation.
Amendment 224 #
Proposal for a regulation
Article 8 – paragraph 1
Article 8 – paragraph 1
1. A Member State may prohibit or impose an authorisation requirement on the export of dual-use items or cyber- surveillance technologies not listed in Annex I for reasons of public security or for human rights considerations.
Amendment 229 #
Proposal for a regulation
Article 9 – paragraph 2 – introductory part
Article 9 – paragraph 2 – introductory part
2. A Member State may impose an authorisation requirement for the transfer of other dual-use items or cyber- surveillance technologies from its territory to another Member State in cases where at the time of transfer:
Amendment 230 #
Proposal for a regulation
Article 9 – paragraph 7
Article 9 – paragraph 7
7. The relevant commercial documents relating to intra-Union transfers of dual-use items or cyber-surveillance technologies listed in Annex I shall indicate clearly that those items are subject to controls if exported from the Union. Relevant commercial documents include, in particular, any sales contract, order confirmation, invoice or dispatch note.
Amendment 239 #
Proposal for a regulation
Article 10 – paragraph 3
Article 10 – paragraph 3
3. Individual export authorisations and global export authorisations shall be valid for onetwo years, and may be renewed by the competent authority. Global export authorisations for large projects shall be valid for a duration to be determined by the competent authority.
Amendment 243 #
Proposal for a regulation
Article 10 – paragraph 4 – subparagraph 1
Article 10 – paragraph 4 – subparagraph 1
Exporters shall supply the competent authority with all relevant information required for their applications for individual and global export authorisation so as to provide complete information in particular on the end user, the country of destination and the end use of the item exported. When dealing with governmental end-users, the information supplied shall define specifically which department, agency, unit or sub-unit will be the final end-user of the item exported.
Amendment 244 #
Proposal for a regulation
Article 10 – paragraph 4 – subparagraph 2
Article 10 – paragraph 4 – subparagraph 2
Authorisations may be subject, if appropriate,for cyber-surveillance technology shall be subject to an end-use statement. Authorisations for other items may be subject to an end-use statement. if appropriate.
Amendment 250 #
Proposal for a regulation
Article 10 – paragraph 4 – subparagraph 3 – point a
Article 10 – paragraph 4 – subparagraph 3 – point a
(a) the description of the dual-use items or cyber-surveillance technologies, including the relevant control entry from Section A of Annex I;
Amendment 251 #
Proposal for a regulation
Article 10 – paragraph 4 – subparagraph 3 – point b
Article 10 – paragraph 4 – subparagraph 3 – point b
(b) the quantity and the value of the dual-use items or cyber-surveillance technologies;
Amendment 252 #
Proposal for a regulation
Article 10 – paragraph 4 – subparagraph 3 – point d
Article 10 – paragraph 4 – subparagraph 3 – point d
(d) where known, the end-use and end- user of the dual-use items or cyber- surveillance technologies.
Amendment 264 #
Proposal for a regulation
Article 11 – paragraph 3
Article 11 – paragraph 3
3. Brokers and suppliers of technical assistance shall supply the competent authority with all relevant information required for their application for authorisation under this Regulation, in particular details of the location of the dual-use items or cyber-surveillance technologies, a clear description of the items and the quantity involved, third parties involved in the transaction, the third country of destination, the end-user in that country and its exact location.
Amendment 265 #
Proposal for a regulation
Article 13 – paragraph 1 – subparagraph 1
Article 13 – paragraph 1 – subparagraph 1
If the dual-use items or cyber-surveillance technologies in respect of which an application has been made for an individual export authorisation to a destination not listed in Section A of 1 Annex II or to any destination in the case of dual-use items listed in Section B of Annex IV are or will be located in one or more Member States other than the one where the application has been made, that fact shall be indicated in the application. The competent authority of the Member State to which the application for authorisation has been made shall immediately consult the competent authorities of the Member State or States in question and provide the relevant information. The Member State or States consulted shall make known within 10 working days any objections it or they may have to the granting of such an authorisation, which shall bind the Member State in which the application has been made.
Amendment 276 #
Proposal for a regulation
Article 14 – paragraph 1 – point e a (new)
Article 14 – paragraph 1 – point e a (new)
(ea) the behaviour of the buyer country with regard to the international community, as regards in particular its attitude to terrorism, the nature of its alliances and respect for international law;
Amendment 278 #
Proposal for a regulation
Article 14 – paragraph 1 – point f
Article 14 – paragraph 1 – point f
(f) considerations about intended end use and the risk of diversion , including existence of a risk that the dual-use items or cyber-surveillance technologies will be diverted or re-exported under undesirable conditions .
Amendment 283 #
Proposal for a regulation
Article 14 – paragraph 1 – point f a (new)
Article 14 – paragraph 1 – point f a (new)
(fa) The compatibility of the exports of the items with the technical and economic capacity of the recipient country;
Amendment 284 #
Proposal for a regulation
Article 14 – paragraph 1 a (new)
Article 14 – paragraph 1 a (new)
1a. In deciding whether or not to grant an individual or global export authorisation or to grant an authorisation for brokering services or technical assistance for cyber-surveillance technologies, the competent authorities of the Member States shall in particular consider the risk of violation of the right to privacy, the right to data protection, freedom of speech and freedom of assembly and association, as well as the strength of the rule of law and the legal framework for use of the items to be exported and the potential security risks for the Union.
Amendment 290 #
Proposal for a regulation
Article 14 – paragraph 2
Article 14 – paragraph 2
2. The Commission and the Council shall make available guidance and/or recommendationelines to ensure common risk assessments by the competent authorities of the Member States for the implementation of those criteria when this Regulation enters into force.
Amendment 293 #
Proposal for a regulation
Article 15 – paragraph 3
Article 15 – paragraph 3
3. The competent authorities of the Member States shall notify the Member States and the Commission of their decisions to prohibit a transit of dual-use items or cyber-surveillance technologies taken under Article 6 without delay. These notifications will contain all relevant information including the classification of the item, its technical parameters, the country of destination and the end user.
Amendment 294 #
Proposal for a regulation
Article 15 – paragraph 5
Article 15 – paragraph 5
5. Before the competent authority of a Member State, acting under this Regulation, grants an authorisation for export or brokering services or technical assistance, or decides on a transit, it shall examine all valid denials or decisions to prohibit a transit of dual-use items or cyber-surveillance technologies listed in Annex I taken under this Regulation to ascertain whether an authorisation or a transit has been denied by the competent authorities of another Member State or States for an essentially identical transaction (meaning an item with essentially identical parameters or technical characteristics to the same end user or consignee). It shall first consult the competent authorities of the Member State or States which issued such denial(s) or decisions to prohibit the transit as provided for in paragraphs 1 and 3. If following such consultation the competent authority of the Member State decides to grant an authorisation or allow the transit, it shall notify the competent authorities of the other Member States and the Commission, providing all relevant information to explain the decision.
Amendment 295 #
Proposal for a regulation
Chapter 4 – title
Chapter 4 – title
AMENDMENT OF LISTS OF DUAL- USE ITEMS AND CYBER- SURVEILLANCE TECHNOLOGIES AND DESTINATIONS
Amendment 296 #
Proposal for a regulation
Article 16 – paragraph 2 – introductory part
Article 16 – paragraph 2 – introductory part
2. The Commission shall be empowered to adopt delegated acts in order to amend the lists of dual-use items and cyber-surveillance technologies set out in Annex I and Section B of Annex IV, as follows:
Amendment 298 #
Proposal for a regulation
Article 16 – paragraph 2 – point a
Article 16 – paragraph 2 – point a
(a) The list of dual-use items and cyber-surveillance technologies set out in Section A of Annex I shall be amended in conformity with the relevant obligations and commitments, and any modification thereof, that Member States and the Union have accepted as members of the international non-proliferation regimes and export control arrangements, or by ratification of relevant international treaties. Where the amendment of Section A of Annex I concerns dual-use items which are also listed in Annexes II and IV, Section B, those Annexes shall be amended accordingly.
Amendment 303 #
Proposal for a regulation
Article 16 – paragraph 2 – point b
Article 16 – paragraph 2 – point b
(b) The list of dual-use itemcyber-surveillance technologies set out in Section B of Annex I may be amended if this is necessary due to risks that the export of such items may pose as regards the commission of serious violations of human rights or international humanitarian law or the essential security interests of the Union and its Member States. Where imperative grounds of urgency require an amendment of Section B of Annex I, the procedure provided for in Article 17 shall apply to delegated acts adopted pursuant to this point.
Amendment 306 #
Proposal for a regulation
Article 16 – paragraph 2 a (new)
Article 16 – paragraph 2 a (new)
(2a) Section B of Annex I shall be limited in scope to cyber-surveillance technologies and shall not contain duplications of items listed in Section A of Annex I;
Amendment 307 #
Proposal for a regulation
Article 18 – paragraph 1
Article 18 – paragraph 1
1. When completing the formalities for the export of dual-use items or cyber- surveillance technologies at the customs office responsible for handling the export declaration, the exporter shall furnish proof that any necessary export authorisation has been obtained.
Amendment 308 #
Proposal for a regulation
Article 18 – paragraph 3 – introductory part
Article 18 – paragraph 3 – introductory part
3. Without prejudice to any powers conferred on it under, and pursuant to, the Union Customs Code, a Member State may also, for a period not exceeding the periods referred to in paragraph 4, suspend the process of export from its territory, or, if necessary, otherwise prevent the dual-use items or cyber-surveillance technologies listed in Annex I which are covered by a valid export authorisation from leaving the Union via its territory, where it has grounds for suspicion that:
Amendment 309 #
Proposal for a regulation
Article 18 – paragraph 4
Article 18 – paragraph 4
4. In the case referred to in paragraph 3, the competent authority of the Member State which granted the export authorisation shall be consulted forthwith in order that they may take action pursuant to Article 15(1). If such competent authority decides to maintain the authorisation, it shall reply within 10 working days, which, at its request, may be extended to 30 working days in exceptional circumstances. In such case, or if no reply is received within 10 or 30 days, as the case may be, the dual-use items or cyber- surveillance technologies shall be released immediately. The competent authority of the Member State which granted the authorisation shall inform the competent authorities of the other Member States and the Commission.
Amendment 310 #
Proposal for a regulation
Article 18 – paragraph 5
Article 18 – paragraph 5
5. The Commission, in cooperation with the Member States, shall develop a guidanceelines to support interagency cooperation between licensing and customs authorities.
Amendment 311 #
Proposal for a regulation
Article 19 – paragraph 1
Article 19 – paragraph 1
1. Member States may provide that customs formalities for the export of dual- use items or cyber-surveillance technologies may be completed only at customs offices empowered to that end.
Amendment 312 #
Proposal for a regulation
Article 20 – paragraph 1 – subparagraph 1 – point a – indent 1
Article 20 – paragraph 1 – subparagraph 1 – point a – indent 1
– grant export authorisations for dual- use items and cyber-surveillance technologies;
Amendment 313 #
Proposal for a regulation
Article 20 – paragraph 1 – subparagraph 1 – point a – indent 3
Article 20 – paragraph 1 – subparagraph 1 – point a – indent 3
– decide to prohibit the transit of non- Union dual-use items uand cyber- surveillance technologies under this Regulation;
Amendment 316 #
Proposal for a regulation
Article 20 – paragraph 2 – point a
Article 20 – paragraph 2 – point a
(a) all information regarding the application of controls, including licensing data (number, value and types of licences and related destinations, number of users of general and global authorisations, number of operators with ICPs, processing times, volume and value of trade subject to intra- EU transfers etc), and, where available, data on exports of dual-use items and cyber-surveillance technologies carried out in other Member States;
Amendment 318 #
Proposal for a regulation
Article 20 – paragraph 2 – point b
Article 20 – paragraph 2 – point b
(b) all information regarding the enforcement of controls, including details of exporters deprived of the right to use the national or Union general export authorisations 1 , any reports of violations, seizures and the application of other penalties ;
Amendment 319 #
Proposal for a regulation
Article 20 – paragraph 2 – point c
Article 20 – paragraph 2 – point c
(c) all data on sensitive end users, actors involved in suspicious procurement activities, and, where available, routes taken.
Amendment 325 #
Proposal for a regulation
Article 22 – paragraph 1 a (new)
Article 22 – paragraph 1 a (new)
1a. The Commission shall assess whether rules on penalties laid down by Member States are of a similar nature and effect.
Amendment 331 #
Proposal for a regulation
Article 24 – paragraph 1
Article 24 – paragraph 1
1. The Commission and the Council shall, where appropriate, make available guidance and/or recommendationelines for best practices for the subjects referred to in this Regulation to ensure the efficiency of the Union export control regime and the consistency of its implementation. The competent authorities of the Member States shall also, where appropriate, provide complementary guidance for exporters, brokers and transit operators resident or established in that Member State.
Amendment 332 #
Proposal for a regulation
Article 24 – paragraph 1 a (new)
Article 24 – paragraph 1 a (new)
Amendment 336 #
Proposal for a regulation
Article 25 – paragraph 1 – introductory part
Article 25 – paragraph 1 – introductory part
1. Exporters of dual-use items and cyber-surveillance technologies shall keep detailed registers or records of their exports, in accordance with the national law or practice in force in the respective Member States. Such registers or records shall include in particular commercial documents such as invoices, manifests and transport and other dispatch documents containing sufficient information to allow the following to be identified:
Amendment 337 #
Proposal for a regulation
Article 25 – paragraph 1 – point a
Article 25 – paragraph 1 – point a
(a) the description of the dual-use items or cyber-surveillance technologies;
Amendment 338 #
Proposal for a regulation
Article 25 – paragraph 1 – point b
Article 25 – paragraph 1 – point b
(b) the quantity of the dual-use items or cyber-surveillance technologies;
Amendment 339 #
Proposal for a regulation
Article 25 – paragraph 1 – point d
Article 25 – paragraph 1 – point d
(d) where known, the end-use and end- user of the dual-use items or cyber- surveillance technologies.
Amendment 342 #
Proposal for a regulation
Article 25 – paragraph 2
Article 25 – paragraph 2
2. In accordance with national law or practice in force in the respective Member States, brokers and suppliers of technical assistance shall keep registers or records for brokering or technical assistance services so as to be able to prove, on request, the description of the dual-use items or cyber-surveillance technologies that were the subject of brokering or technical assistance services, the period during which the items were the subject of such services and their destination, and the countries concerned by those services.
Amendment 343 #
Proposal for a regulation
Article 25 – paragraph 3
Article 25 – paragraph 3
3. The registers or records and the documents referred to in paragraphs 1 and 2 shall be kept for at least threfive years from the end of the calendar year in which the export took place or the brokering or technical assistance services were provided. They shall be produced, on request, to the competent authority .
Amendment 344 #
Proposal for a regulation
Article 25 – paragraph 4
Article 25 – paragraph 4
4. Documents and records of intra- Union transfers of dual-use items or cyber- surveillance technologies listed in Annex I shall be kept for at least three years from the end of the calendar year in which a transfer took place and shall be produced to the competent authority of the Member State from which these items were transferred on request.
Amendment 345 #
Proposal for a regulation
Article 26 – paragraph 1 – point a
Article 26 – paragraph 1 – point a
(a) to gather information on any order or transaction involving dual-use items or cyber-surveillance technologies;
Amendment 347 #
Proposal for a regulation
Article 27 – paragraph 2 – subparagraph 1 – introductory part
Article 27 – paragraph 2 – subparagraph 1 – introductory part
2. Without prejudice to the provisions on mutual administrative assistance agreements or protocols in customs matters concluded between the Union and third countries, the Council may authorise the Commission to negotiate with third countries agreements providing for the mutual recognition of export controls of dual-use items or cyber-surveillance technologies covered by this Regulation and in particular:
Amendment 349 #
Proposal for a regulation
Annex I – Section A – DEFINITIONS OF TERMS USED IN THIS ANNEX
Annex I – Section A – DEFINITIONS OF TERMS USED IN THIS ANNEX
“Intrusion software” (4) means “software” specially designed or modified to avoid detection by ‘monitoring tools’, or to defeat ‘protective countermeasurebe run or installed without ‘authorisation’ from owners or ‘administrators’, of a computers or network-capable devices, and performing any of the following: a. The unauthorised extraction of data or information, from a computer or network- capable device, or the modification of system or user data; or b. The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructionssystem or user data to facilitate access to data stored on a computer or network-capable device by parties other than parties authorised by the owner or ‘administrator’ of the computer or network-capable device. Notes: 1. “Intrusion software” does not include any of the following: a. Hypervisors, debuggers or Software Reverse Engineering (SRE) tools; b. Digital Rights Management (DRM) “software”; or c. “Software” designed to be installed by manufacturers, administrators or users, for the purposes of asset tracking or recovery, asset recovery or ‘ICT security testing’ ca. “Software” that is distributed with the express purpose of helping detect, remove, or prevent its execution on computers or network-capable devices of unauthorised parties. 2. Network-capable devices include mobile devices and smart meters. Technical Notes: 1. ‘Monitoring tools’: “software” or hardware devices that monitor system behaviours or processes running on a device. This includes antivirus (AV) productAuthorisation’: the informed consent of the user (i.e. an affirmative indication of comprehension regarding the nature, implications, eand point security products, Personal Security Products (PSP), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or firewallsfuture consequences of an action, and agreement to the execution of that action). 2. ‘Administrator’: owner-authorised agent or user of a network, computer or network-capable device. 2a. ‘ProICT security tecstive countermeasures’: techniques designed to ensure the safe exng’: discovery and assessment of static or dynamic risk, vulnerability, error, or weakness affecution of code, such as Data Execution Prevention (DEP), Address Space Layout Randomisation (ASLR) or sandboxingng “software”, networks, computers, network-capable devices, and components or dependencies therefor, for the demonstrated purpose of mitigating factors detrimental to safe and secure operation, use or deployment.
Amendment 352 #
Proposal for a regulation
Annex I – Section A – category 4 – subcategory 4A – point 4A005
Annex I – Section A – category 4 – subcategory 4A – point 4A005
4A005 Systems, equipment, and components therefor, specially designed or modified for the generation, operation or delivery of, or communication with, “intrusion software”.
Amendment 353 #
Proposal for a regulation
Annex I – Section A – category 4 – subcategory 4D – point 4D004
Annex I – Section A – category 4 – subcategory 4D – point 4D004
4D004 “Software” specially designed or modified for the generation, operation or delivery of, or communication with, “intrusion software”.
Amendment 354 #
Proposal for a regulation
Annex I – Section A – category 4 – subcategory 4E – point 4E001 – point a
Annex I – Section A – category 4 – subcategory 4E – point 4E001 – point a
a. “Technology” according to the General Technology Note, specifically designed or modified for the “development”, “production” or “use” of equipment or “software” specified in 4A or 4D.
Amendment 355 #
Proposal for a regulation
Annex I – Section A – category 4 – subcategory 4E – point 4E001 –point c
Annex I – Section A – category 4 – subcategory 4E – point 4E001 –point c
c. “Technology” specifically designed or modified for the “development” of “intrusion software”.
Amendment 356 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 1
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 1
Amendment 357 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 2
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 2
Amendment 358 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a –point 5
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a –point 5
Amendment 359 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 6
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 6
Amendment 360 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 9
Annex I – Section A – category 5 – subcategory 5A2 – point 5A002 – point a – point 9
Amendment 361 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5A2– point 5A002 – point b – paragraph
Annex I – Section A – category 5 – subcategory 5A2– point 5A002 – point b – paragraph
Amendment 362 #
Proposal for a regulation
Annex I – Section A – category 5– subcategory 5B2 – point 5B002
Annex I – Section A – category 5– subcategory 5B2 – point 5B002
Amendment 363 #
Proposal for a regulation
Annex I – Section A – category 5– subcategory 5D2 – point 5D002
Annex I – Section A – category 5– subcategory 5D2 – point 5D002
Amendment 364 #
Proposal for a regulation
Annex I – Section A – category 5 – subcategory 5E2 – point 5E002
Annex I – Section A – category 5 – subcategory 5E2 – point 5E002
Amendment 367 #
Proposal for a regulation
Annex I – Section B – title
Annex I – Section B – title
B. LIST OF OTHER DUAL-USCYBER- SURVEILLANCE ITEMCHNOLOGIES
Amendment 371 #
Proposal for a regulation
Annex I – Section B – Section B – category 10 – point 10A001 – Technical note – point e a (new))
Annex I – Section B – Section B – category 10 – point 10A001 – Technical note – point e a (new))
ea. network and security research for the purposes of authorised testing or the protection of information security systems.
Amendment 417 #
Proposal for a regulation
Annex II – Section I
Annex II – Section I