4CT190319aftertechnicalmeeting_konvertiert
Dieses Dokument ist Teil der Anfrage „European Cybersecurity Industrial, Technology and Research Competence Centre and Network of National Coordination Centres“
Diese Anfrage wurde als Teil der Kampagne „Black Box EU“ gestellt.
Competence Centre. A paid to the representation of minimum number of seats SMEs. should be allocated to each category of industry [Changes from EP both partially stakeholders, with particular retained. Reason: the Centre attention paid to the should remain free to decide the representation of SMEs. most appropriate representatives in the Advisory Board, seeking for the right balance between diversity, representativeness, expertise… No rigidities should be introduced upfront in terms or nationality, profile or otherwise. The point on the importance of SME representation is otherwise made] (28) The Competence Centre (28) The Competence Centre (28) The Competence Centre (28) The Competence Centre and 54 should benefit from the particular and its activities should benefit should benefit from the its activities should benefit from expertise and the broad and from the particular expertise and particular experteseexperience the particular expertise and the relevant stakeholders' the broad and relevant and the broad and relevant broad and relevant stakeholders’ representation built through the stakeholders’ representation stakeholders' representation built representation built through the contractual public-private built through the contractual through the contractual public- contractual public-private partnership on cybersecurity public-private partnership on private partnership on partnership on cybersecurity during the duration of cybersecurity during the cybersecurity during the during the duration of Horizon2020, through its duration of Horizon2020, and duration of Horizon 2020, and Horizon2020, and the pilot Industrial and Scientific Advisory the pilot projects under the four pilot projects, thereby projects under Horizon2020 on Board. Horizon2020 on the building on the existing the Cybersecurity Competence Cybersecurity Competence experience that has been set up Network, for the management of Network, through its Industrial by the contractual public- the Community, and the and Scientific Advisory Board. private partnership on representation of the xxxxx/18 EB/kp 44 ANNEX JAI.2 LIMITE EN
The Competence Centre and cybersecurity, for the Community in the Centre’s Industrial and Scientific management of the through its Industrial and Advisory Board should, if Community, and the Scientific Advisory Board. The appropriate, consider representation of the Competence Centre and replications of existing Community in the Centre’s Industrial and Scientific Advisory structures, for example as through its Industrial and Board should, if appropriate, working groups. Scientific Advisory Board. consider replications of existing structures, for example as working groups. [Changes from EP and Council both retained on substance, combining them] (28a) The Competence Centre [Changes from EP not retained. and its bodies should make use Reason: the point about building of the experience and on existing activities, notably the contributions of past and cPPP and the 4 pilots, is already current initiatives, such as the made in previous amendment. contractual public-private ECSO can be referred in previous partnership (cPPP) on amendment. As to EU FOSSA, cybersecurity, the European while this a relevant activity, it Cyber Security Organisation doesn’t seem appropriate to (ECSO), and the pilot project mention such specific project and preparatory action on Free here, prejudging on the topics and Open Source Software should support. This is a Audits (EU FOSSA). programing decision for the 55 Governing Board to take.] (29) The Competence Centre (29) The Competence Centre (29) The Competence Centre (29) The Competence Centre 56 should have in place rules should have in place rules should have in place rules should have in place rules xxxxx/18 EB/kp 45 ANNEX JAI.2 LIMITE EN
regarding the prevention and the regarding the prevention, regarding the prevention and the regarding the prevention, management of conflict of identification and resolution of management of conflict of identification and resolution of interest. The Competence Centre conflicts of interest in respect of interest. The Competence Centre conflicts of interest in respect of should also apply the relevant its members, bodies and staff, should also apply the relevant its members, bodies and staff, the Union provisions concerning the Governing Board, as well as Union provisions concerning Governing Board, as well as the public access to documents as set the Scientific and Industrial public access to documents as Scientific and Industrial Advisory out in Regulation (EC) No Advisory Board, and the set out in Regulation (EC) No Board, and the Community. 1049/2001 of the European Community. Member States 1049/2001 of the European Member States should ensure the 25 26 Parliament and of the Council . should ensure the prevention, Parliament and of the Council . prevention, identification, and Processing of personal data by the identification, and resolution of Processing of personal data by resolution of conflicts of interest Competence Centre will be conflicts of interest in respect of the Competence Centre will be in respect of the National subject to Regulation (EU) No the National Coordination subject to Regulation (EU) No Coordination Centres. The XXX/2018 of the European Centres. The Competence XXX/2018 of the European Competence Centre should also Parliament and of the Council. Centre should also apply the Parliament and of the Council. apply the relevant Union The Competence Centre should relevant Union provisions The Competence Centre should provisions concerning public comply with the provisions concerning public access to comply with the provisions access to documents as set out in applicable to the Union documents as set out in applicable to the Union Regulation (EC) No 1049/2001 of institutions, and with national Regulation (EC) No 1049/2001 institutions, and with national the European Parliament and of 24 legislation regarding the handling of the European Parliament and legislation regarding the the Council . Processing of 24 of information, in particular of the Council . Processing of handling of information, in personal data by the Competence sensitive non classified personal data by the particular sensitive non classified Centre will be subject to information and EU classified Competence Centre will be information and EU classified Regulation (EU) No XXX/2018 information. subject to Regulation (EU) No information. of the European Parliament and of XXX/2018 of the European the Council. The Competence Parliament and of the Council. Centre should comply with the The Competence Centre should provisions applicable to the Union 25 Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents (OJ L 145, 31.5.2001, p. 43). 26 Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents (OJ L 145, 31.5.2001, p. 43). xxxxx/18 EB/kp 46 ANNEX JAI.2 LIMITE EN
comply with the provisions institutions, and with national applicable to the Union legislation regarding the handling institutions, and with national of information, in particular legislation regarding the sensitive non classified handling of information, in information and EU classified particular sensitive non information. classified information and EU classified information. __________________ 24 __________________ Regulation (EC) No 1049/2001 of the European Parliament and of 24 Regulation (EC) No the Council of 30 May 2001 1049/2001 of the European regarding public access to Parliament and of the Council of European Parliament, Council and 30 May 2001 regarding public Commission documents (OJ L access to European Parliament, 145, 31.5.2001, p. 43). Council and Commission documents (OJ L 145, [EP and Council changes both 31.5.2001, p. 43). retained.] (30) The financial interests of the (30) The financial interests of (30) The financial interests of (30) The financial interests of the Union and of the Member States the Union and of the Member the Union and of the Member Union and of the Member States should be protected by States should be protected by States should be protected by should be protected by proportionate measures proportionate measures proportionate measures proportionate measures throughout the expenditure cycle, throughout the expenditure throughout the expenditure throughout the expenditure cycle, including the prevention, cycle, including the prevention, cycle, including the prevention, including the prevention, detection detection and investigation of detection and investigation of detection and investigation of and investigation of irregularities, irregularities, the recovery of lost, irregularities, the recovery of irregularities, the recovery of the recovery of lost, wrongly paid wrongly paid or incorrectly used lost, wrongly paid or incorrectly lost, wrongly paid or incorrectly or incorrectly used funds and, funds and, where appropriate, the used funds and, where used funds and, where where appropriate, the application 57 application of administrative and appropriate, the application of appropriate, the application of of administrative and financial xxxxx/18 EB/kp 47 ANNEX JAI.2 LIMITE EN
financial penalties in accordance administrative and financial administrative and financial penalties in accordance with with Regulation XXX (EU, penalties in accordance with penalties in accordance with Regulation XXX (EU, Euratom) Euratom) of the European Regulation XXX (EU, Euratom) Regulation XXX (EU, Euratom) of the European Parliament and of 27 30 Parliament and of the Council of the European Parliament and of the European Parliament and the Council [the Financial 28 29 [the Financial Regulation]. of the Council [the Financial of the Council [the Financial Regulation]. Regulation]. Regulation]. (31) The Competence Centre (31) The Competence Centre (31) The Competence Centre (31) The Competence Centre 58 should operate in an open and should operate in an open and should operate in an open and should operate in an open and transparent way providing all transparent way transparent way providing all transparent way comprehensively relevant information in a timely comprehensively providing relevant information in a timely providing information in a timely manner as well as promoting its information in a timely manner manner as well as promoting its manner as well as promoting its activities, including information as well as promoting its activities, including information activities, including information and dissemination activities to the activities, including information and dissemination activities to and dissemination activities to the wider public. The rules of and dissemination activities to the wider public. The rules of wider public. It should should procedure of the bodies of the the wider public. It should procedure of the bodies of the make public the list of the Competence Centre should be provide the public and any Competence Centre should be Cybersecurity Competence made publicly available. interested parties with a list of made publicly available. Community members. The rules the Cybersecurity Competence of procedure of the bodies of the Community members and Competence Centre should be should make public the made publicly available . declarations of interest made by them in accordance with Article [EP changes partly retained. 42. The rules of procedure of the Reason: it seems not justified and 27 [add title and OJ reference] 28 [add title and OJ reference] 29 [add title and OJ reference] 30 [add title and OJ reference] xxxxx/18 EB/kp 48 ANNEX JAI.2 LIMITE EN
bodies of the Competence not proportionate to request the Centre should be made publicly Community members to provide a available . declaration interest, while they're not getting any EU funding for being community members but rather cooperating voluntarily. This requirement doesn’t apply today in the cPPP and may put many away potential community members, thus weakening the community. Article 42 refers to the Governing Board, not the Community] (31a) It is advisable that both (31a) It is advisable that both the the Competence Centre and the Competence Centre and the National Coordination Centres National Coordination Centres monitor and follow the monitor and follow the international standards as international standards as much much as possible, in order as possible, in order to encourage to encourage development development towards global best towards global best practices. practices. 59 [EP change retained] (32) The Commission’s internal (32) The Commission’s internal (32) The Commission’s internal (32) The Commission’s internal auditor should exercise the same auditor should exercise the same auditor should exercise the same auditor should exercise the same powers over the Competence powers over the Competence powers over the Competence powers over the Competence Centre as those exercised in Centre as those exercised in Centre as those exercised in Centre as those exercised in respect of the Commission. respect of the Commission. respect of the Commission. respect of the Commission. xxxxx/18 EB/kp 49 ANNEX JAI.2 LIMITE EN
[Council change retained] (33) The Commission, the (33) The Commission, the (33) The Commission, the (33) The Commission, the Competence Centre, the Court of Competence Centre, the Court of Competence Centre, the Court of Competence Centre, the Court of Auditors and the European Anti- Auditors and the European Anti- Auditors and the European Anti- Auditors and the European Anti- Fraud Office should get access to Fraud Office should get access to Fraud Office should get access to Fraud Office should get access to all necessary information and the all necessary information and all necessary information and the all necessary information and the premises to conduct audits and the premises to conduct audits premises to conduct audits and premises to conduct audits and investigations on the grants, and investigations on the grants, investigations on the grants, investigations on the grants, contracts and agreement signed by contracts and agreement signed contracts and agreement signed contracts and agreement signed by the Competence Centre. by the Competence Centre. by the Competence Centre. the Competence Centre. 60 [Council changes retained] (33a) The power to adopt acts in [EP changes not retained. Reason: 61 accordance with Article 290 of not in Commission proposal and the Treaty on the Functioning goes in opposite direction of of the European Union should Council changes in view to reduce be delegated to the Commission Commission control, leaving in respect of defining the more autonomy to MS to elements of contractual nominate national coordination agreements between the centres] Competence Centre and National Coordination Centres, and in respect of specifying criteria for assessing and accrediting entities as members of the Cybersecurity Competence Community. It is of particular importance that the Commission carry out xxxxx/18 EB/kp 50 ANNEX JAI.2 LIMITE EN
appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law- 1a Making . In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. __________________ 1a OJ L 123, 12.5.2013, p. 1. (34) Since the objectives of this (34) The objectives of this (34) Since the objectives of this (34) The objectives of this 62 Regulation, namely retaining and Regulation, namely Regulation, namely retaining and Regulation, namely strengthening developing Union's cybersecurity strengthening the Union’s developing Union's cybersecurity the Union’s competitiveness and technological and industrial competitiveness and capacities research, technological and capacities in cybersecurity capacities, increasing the in cybersecurity through, and industrial capacities, increasing through, and reducing its digital competitiveness of the Union's reducing its digital dependence the competitiveness of the dependence by increasing the xxxxx/18 EB/kp 51 ANNEX JAI.2 LIMITE EN
cybersecurity industry and turning by increasing the uptake of Union's cybersecurity industry uptake of cybersecurity products, cybersecurity into a competitive cybersecurity products, and turning cybersecurity into a processes and services developed advantage of other Union processes and services competitive advantage of other within the Union, retaining and industries, cannot be sufficiently developed within the Union, Union industries, cannot be developing Union's cybersecurity achieved by the Member States retaining and developing Union's sufficiently achieved by the research, technological and due the fact that existing, limited cybersecurity technological and Member States due the fact that industrial capacities, increasing resources are dispersed as well as industrial capacities, increasing existing, limited resources are the competitiveness of the Union's due to the scale of the investment the competitiveness of the dispersed as well as due to the cybersecurity industry and turning necessary, but can rather by Union's cybersecurity industry scale of the investment cybersecurity into a competitive reason of avoiding unnecessary and turning cybersecurity into a necessary, but can rather by advantage of other Union duplication of these efforts, competitive advantage of other reason of avoiding unnecessary industries, cannot be sufficiently helping to achieve critical mass of Union industries, cannot be duplication of these efforts, achieved by the Member States investment and ensuring that sufficiently achieved by the helping to achieve critical mass due the fact that existing, limited public financing is used in an Member States due the fact that of investment and ensuring that resources are dispersed as well as optimal way be better achieved at existing, limited resources are public financing is used in an due to the scale of the investment Union level, the Union may adopt dispersed as well as due to the optimal way be better achieved necessary, but can rather by measures, in accordance with the scale of the investment at Union level, the Union may reason of avoiding unnecessary principle of subsidiarity as set out necessary, but can rather by adopt measures, in accordance duplication of these efforts, in Article 5 of the Treaty on reason of avoiding unnecessary with the principle of subsidiarity helping to achieve critical mass of European Union. In accordance duplication of these efforts, as set out in Article 5 of the investment and ensuring that with the principle of helping to achieve critical mass Treaty on European Union. In public financing is used in an proportionality as set out in that of investment and ensuring that accordance with the principle of optimal way be better achieved at Article, this Regulation does not public financing is used in an proportionality as set out in that Union level. In addition, only go beyond what is necessary in optimal way be better achieved Article, this Regulation does not actions at Union level can ensure order to achieve that objective. at Union level. In addition, only go beyond what is necessary in the highest level of cybersecurity actions at Union level can order to achieve that objective. in all Member States and thus ensure the highest level of close security gaps existing in cybersecurity in all Member some Member States that create States and thus close security security gaps for the whole gaps existing in some Member Union. Hence, the Union may xxxxx/18 EB/kp 52 ANNEX JAI.2 LIMITE EN
States that create security gaps adopt measures, in accordance for the whole Union. Hence, the with the principle of subsidiarity Union may adopt measures, in as set out in Article 5 of the accordance with the principle of Treaty on European Union. In subsidiarity as set out in Article accordance with the principle of 5 of the Treaty on European proportionality as set out in that Union. In accordance with the Article, this Regulation does not principle of proportionality as go beyond what is necessary in set out in that Article, this order to achieve that objective. Regulation does not go beyond what is necessary in order to [EP and Council changes both achieve that objective. retained.] xxxxx/18 EB/kp 53 ANNEX JAI.2 LIMITE EN
