4CT190319aftertechnicalmeeting_konvertiert
Dieses Dokument ist Teil der Anfrage „European Cybersecurity Industrial, Technology and Research Competence Centre and Network of National Coordination Centres“
Diese Anfrage wurde als Teil der Kampagne „Black Box EU“ gestellt.
HAVE ADOPTED THIS HAVE ADOPTED THIS HAVE ADOPTED THIS HAVE ADOPTED THIS 63 REGULATION: REGULATION: REGULATION: REGULATION: CHAPTER I CHAPTER I CHAPTER I CHAPTER I 64 GENERAL GENERAL GENERAL GENERAL PROVISIONS AND PROVISIONS AND PROVISIONS AND PROVISIONS AND PRINCIPLES OF THE PRINCIPLES OF PRINCIPLES OF PRINCIPLES OF THE COMPETENCE THE COMPETENCE THE COMPETENCE COMPETENCE CENTRE AND THE CENTRE AND THE CENTRE AND THE CENTRE AND THE NETWORK NETWORK NETWORK NETWORK 65 66 Article 1 Article 1 Article 1 Article 1 Subject matter Subject matter Subject matter Subject matter 67 1. This Regulation establishes 1. This Regulation 1. This Regulation 1. This Regulation establishes 68 the European Cybersecurity establishes the European establishes the European the European Cybersecurity Industrial, Technology and Cybersecurity Industrial, Cybersecurity Industrial, Industrial, Technology and Research Competence Centre (the Technology and Research Technology and Research Research Competence Centre (the ‘Competence Centre’), as well as Competence Centre (the Competence Centre (the ‘Competence Centre’), as well as the Network of National ‘Competence Centre’), as well ‘Competence Centre’), as well as the Network of National Coordination Centres, and lays as the Network of National the Network of National Coordination Centres (the down rules for the nomination of Coordination Centres (the Coordination Centres (the “Network”), and lays down rules National Coordination Centres as “Network”), and lays down rules “Network”), and lays down for the nomination of National well as for the establishment of for the nomination of National rules for the nomination of Coordination Centres as well as xxxxx/18 EB/kp 54 ANNEX JAI.2 LIMITE EN
the Cybersecurity Competence Coordination Centres as well as National Coordination Centres for the establishment of the Community. for the establishment of the as well as for the establishment Cybersecurity Competence Cybersecurity Competence of the Cybersecurity Community (the “Community”). Community (the Competence Community (the The Competence Centre and the “Community”). The “Community”). Network shall contribute to the Competence Centre and the overall resilience and awareness Network shall contribute to the in the Union towards overall resilience and cybersecurity threats, thoroughly awareness in the Union towards taking into account societal cybersecurity threats, implications. thoroughly taking into account societal implications. [Both changes from EP and Council retained] 2. The Competence Centre 2. The Competence Centre 2. The Competence Centre 2. The Competence Centre 69 shall contribute to the shall contribute to the shall contribute to the shall contribute to the implementation of the implementation of the implementation of the implementation of the cybersecurity part of the Digital cybersecurity part of the Digital cybersecurity part of the Digital cybersecurity part of the Digital Europe Programme established by Europe Programme established Europe Programme established Europe Programme established by Regulation No XXX and in by Regulation No XXX and in by Regulation No XXX and in Regulation No XXX and in particular actions related to particular actions related to particular actions related to particular actions related to Article 6 of Regulation (EU) No Article 6 of Regulation (EU) No Article 6 of Regulation (EU) No Article 6 of Regulation (EU) No XXX [Digital Europe XXX [Digital Europe XXX [Digital Europe XXX [Digital Europe Programme] Programme] thereof and of the Programme] thereof and of the Programme] thereof and of the thereof and of the Horizon Europe Horizon Europe Programme Horizon Europe Programme Horizon Europe Programme Programme established by established by Regulation No established by Regulation No established by Regulation No Regulation No XXX and in XXX and in particular Section XXX and in particular Section XXX and in particular Section particular Section 2.2.6 of Pillar II 2.2.6 of Pillar II of Annex I. of 2.2.6 of Pillar II of Annex I. of 2.2.6 of Pillar II of Annex I. of of Annex I. of Decision No XXX Decision No XXX on establishing Decision No XXX on Decision No XXX on on establishing the specific the specific programme establishing the specific establishing the specific programme implementing implementing Horizon Europe – programme implementing programme implementing Horizon Europe – the Framework xxxxx/18 EB/kp 55 ANNEX JAI.2 LIMITE EN
the Framework Programme for Horizon Europe – the Horizon Europe – the Programme for Research and Research and Innovation[ref. Framework Programme for Framework Programme for Innovation[ref. number of the number of the Specific Research and Innovation[ref. Research and Innovation[ref. Specific Programme]. Programme]. number of the Specific number of the Specific Programme]. Programme]. 3. The seat of the Competence 3. The seat of the 3. The seat of the [Both changes from EP and Centre shall be located in Competence Centre shall be Competence Centre shall be Council retained] [Brussels, Belgium.] located in [Brussels, Belgium.] located in [XXXBrussels, 70 31 Belgium] . 4. The Competence Centre 4. The Competence Centre 4. The Competence Centre 4. The Competence Centre shall have legal personality. In shall have legal personality. In shall have legal personality. In shall have legal personality. In each Member State, it shall enjoy each Member State, it shall each Member State, it shall enjoy each Member State, it shall enjoy the most extensive legal capacity enjoy the most extensive legal the most extensive legal capacity the most extensive legal capacity accorded to legal persons under capacity accorded to legal accorded to legal persons under accorded to legal persons under the laws of that Member State. It persons under the laws of that the laws of that Member State. It the laws of that Member State. It may, in particular, acquire or Member State. It may, in may, in particular, acquire or may, in particular, acquire or dispose of movable and particular, acquire or dispose of dispose of movable and dispose of movable and immovable property and may be a movable and immovable immovable property and may be immovable property and may be a party to legal proceedings. property and may be a party to a party to legal proceedings. party to legal proceedings. legal proceedings. [Change from EP (deletion or (moved to Art 38a (new) article) not retained. Check with EP why they want to delete this ] as not considered subject 31 xxxxx/18 EB/kp 56 ANNEX JAI.2 LIMITE EN
matter) 5. This Regulation is 5. This Regulation is without without prejudice to the prejudice to the competences of competences of the Member the Member States regarding States regarding activities activities concerning public concerning public security, security, defence, national defence, national security and security and the activities of the the activities of the state in state in areas of criminal law. areas of criminal law. [Change from Council retained. 71 No change from EP.] 72 Article 2 Article 2 Article 2 Article 2 Definitions Definitions Definitions Definitions 73 For the purpose of this For the purpose of this For the purpose of this For the purpose of this Regulation, the following Regulation, the following Regulation, the following Regulation, the following 74 definitions shall apply: definitions shall apply: definitions shall apply: definitions shall apply: (1) 'cybersecurity' means the (1) 'cybersecurity' means all (1) 'cybersecurity' means the (1) 'cybersecurity' means the 75 protection of network and activities necessary to protect protection the activities protection the activities information systems, their users, network and information necessary to protect network necessary to protect network and and other persons against cyber systems, their users, and and information systems, their information systems, their users of threats; affected persons from cyber users of such systems, and other such systems, and other persons threats; persons affected by against affected by against cyber threats; cyber threats; [Changes from Council and EP xxxxx/18 EB/kp 57 ANNEX JAI.2 LIMITE EN
almost identical and mean the same. Council changes retained, just because one had to be picked] (1a) 'cyber defence' and (1a) ‘network and (1a) 'cyber defence' and ‘defence ‘defence dimensions of information system’ means a dimensions of cybersecurity’ cybersecurity’ means network and information means exclusively defensive and exclusively defensive and system as defined in point (1) reactive cyber defence technology reactive cyber defence of Article 4 of Directive (EU) which aims to protect critical technology which aims to 2016/1148”; infrastructures, military networks protect critical infrastructures, and information systems, their military networks and users, and affected persons, information systems, their against cyber threats including users, and affected persons, situational awareness, threat against cyber threats including detection and digital forensics; situational awareness, threat detection and digital forensics; (1a) ‘network and information system’ means a network and information system as defined in point (1) of Article 4 of Directive (EU) 2016/1148”; [Both changes from EP and Council retained] (2) 'cybersecurity products (2) 'products and processes ' (2) 'cybersecurity products (2) 'products and processes ' 76 and solutions' means ICT means commercial and non- and solutions' means ICT means commercial and non- products, services or process with commercial ICT products, products, services or process commercial ICT products, the specific purpose of protecting services or processes with the with the specific purpose of services or processes with the network and information systems, specific purpose of protecting protecting network and specific purpose of protecting their users and affected persons data, network and information information systems, their users data, network and information xxxxx/18 EB/kp 58 ANNEX JAI.2 LIMITE EN
from cyber threats; systems, their users and other of such systems and other systems, their users and other persons from cybersecurity affected persons affected by persons from cybersecurity threats; from cyber threats; threats; [Changes from EP retained. Council changes are not material] (2a) ‘cyber threat’ means any (2a) ‘cyber threat’ means any potential circumstance, event or potential circumstance, event or action that may damage, disrupt action that may damage, disrupt or otherwise adversely impact or otherwise adversely impact network and information network and information systems, their users and affected systems, their users and affected persons; persons; [Changes from EP retained. 77 Council has no changes] (3) 'public authority' means (3) 'public authority' means (3) 'public authority' means (3) 'public authority' means any 78 any government or other public any government or other public any government or other government or other public administration, including public administration, including public public administration, administration, including public advisory bodies, at national, advisory bodies, at national, including public advisory advisory bodies, at national, regional or local level or any regional or local level or any bodies, at national, regional or regional or local level or any natural or legal person performing natural or legal person local level or any natural or natural or legal person performing public administrative functions performing public administrative legal person performing public public administrative functions under national law, including functions under Union and administrative functions under under Union and national law, specific duties; national law, including specific national law, including specific including specific duties; duties; duties; [Changes from EP retained. Council changes (deletion of article) not retained. Check with xxxxx/18 EB/kp 59 ANNEX JAI.2 LIMITE EN
Council why they want o delete this definition] (4) 'participating Member (4) 'contributing Member (4) participating Member (4) 'contributing Member State' State' means a Member State State' means a Member State State contributing Member State means a Member State which which voluntarily contributes which voluntarily contributes means a Member State which voluntarily contributes financially financially to the administrative financially to the administrative voluntarily contributes to the administrative and and operational costs of the and operational costs of the financially to the administrative operational costs of the Competence Centre. Competence Centre; and operational costs of the Competence Centre; Competence Centre. [Changes from EP retained. Council changes (deletion of article) not retained. Reason: MS 79 may contribute voluntarily] (4a) ‘European Digital (4a) ‘European Digital 80 Innovation Hubs’ means a Innovation Hubs’ means a legal legal entity as defined in entity as defined in Regulation Regulation (EU) 2019/XXX of (EU) 2019/XXX of the European 1a the European Parliament and Parliament and of the Council . 1a of the Council . __________________ __________________ 1a Regulation (EU) 2019/XXX of 1a Regulation (EU) 2019/XXX the European Parliament and of of the European Parliament the Council of ... establishing the and of the Council of ... Digital Europe programme for establishing the Digital Europe the period 2021-2027 (OJ L ...) programme for the period 2021- (2018/0227(COD)). 2027 (OJ L ...) (2018/0227(COD)). [Changes from EP retained. xxxxx/18 EB/kp 60 ANNEX JAI.2 LIMITE EN
Council has no changes] (5) joint actions mean (5) joint actions mean actions actions funded through funded through voluntary voluntary contribution from contribution from one or more one or more Member States, Member States, and may receive and may receive complementary EU funding if complementary EU funding if so decided by the Governing so decided by the Governing Board. Board. [Changes from Council (in dark green) retained. EP has no 81 changes] 82 Article 3 Article 3 Article 3 Mission of the Centre and the Mission of the Centre and the Mission of the Competence Mission of the Competence 83 Network Network Centre and the Network Centre and the Network 1. The Competence Centre and 1. The Competence Centre 1. The Competence Centre 1. The Competence Centre and 84 the Network shall help the Union and the Network shall help the and the Network shall help the the Network shall help the Union to: Union to: Union to: to: [EP amendments to article 3.1 are mostly retained. They shouldn’t be problematic regarding Council concerns about giving the impression that the Centre has operational capacities, insofar as article 3.1 starts "The Competence Centre and the Network shall help xxxxx/18 EB/kp 61 ANNEX JAI.2 LIMITE EN
the Union to". But, if necessary to provide Council with furthr reassurance, the text of the EP amendments could start: (ba)"Support awarenes raising…; (bb) "Support the Union’s leadership in cybersecurity… ", etc] (a) retain and develop (a) develop the cybersecurity (a) retain and develop Union’s (a) develop Union’s the the cybersecurity technological and technological, industrial, the cybersecurity research, cybersecurity technological, industrial capacities necessary to societal, academic and research technological and industrial industrial, societal, academic and secure its Digital Single Market; expertise capacities and capacities in an autonomous research expertise capacities and capabilities necessary to secure manner necessary to strengthen capabilities in an autonomous its Digital Single Market and trust and security in secure the manner necessary to strengthen further the protection of data of Digital Single Market; trust and security in view to Union citizens, companies and secure its Digital Single Market public administrations; and further the protection of data of Union citizens, companies and public administrations; [Both changes from Council (in 85 dark green) and EP retained] (aa) increase the resilience (aa) increase the resilience and 86 and reliability of the reliability of the infrastructure of infrastructure of network and network and information information systems, including systems, including critical critical infrastructure, the facilities , the internet and internet and commonly used commonly used hardware and hardware and software in the software in the Union; xxxxx/18 EB/kp 62 ANNEX JAI.2 LIMITE EN
Union; [Changes from EP retained, changing one word, for the reason given under recitals 5 and 14b] (b) increase the (b) increase the (b) increase the (b) increase the competitiveness competitiveness of the Union's competitiveness of the Union's competitiveness of the Union's of the Union's cybersecurity cybersecurity industry and turn cybersecurity industry and turn cybersecurity industry and turn industry and turn cybersecurity cybersecurity into competitive cybersecurity into a competitive cybersecurity into competitive into a competitive advantage of advantage of other Union advantage of other Union advantage of other Union other Union industries. 87 industries. industries. industries. (ba) raise the awareness for (ba) raise the awareness for cybersecurity threats, and cybersecurity threats, and related related societal and ethical societal and ethical implications implications and concerns and and concerns and reduce the reduce the skills gap in skills gap in cybersecurity in the cybersecurity in the Union; Union; 88 [Changes from EP retained] (bb) develop the Union’s (bb) develop the Union’s leadership in cybersecurity and leadership in cybersecurity and ensure the highest cybersecurity ensure the highest cybersecurity standards throughout the standards throughout the Union; Union; 89 [Changes from EP retained] (bc) strengthen the Union’s (bc) strengthen the Union’s 90 competitiveness and capacities competitiveness and capacities while reducing its digital while reducing its digital dependence by increasing the dependence by increasing the xxxxx/18 EB/kp 63 ANNEX JAI.2 LIMITE EN
