P3: Trust and Security
Threats such as malicious software and online fraud unsettle consumers and dog efforts to promote the online economy. The Digital Agenda proposes a number of practical solutions, including a coordinated European response to cyber-attacks and reinforced rules on personal data protection.

Only 12% of European web users feel completely safe making online transactions.

Trust and security

Europeans will not embrace technology they do not trust - the digital age is neither "big brother" nor "cyber wild west".

Users must be safe and secure when they connect online. Just like in the physical world, cybercrime cannot be tolerated. Besides, some of the most innovative and advanced online services – such as eBanking or eHealth - would simply not exist if new technologies were not fully reliable. So far, the internet has proved remarkably secure, resilient and stable, but IT networks and end users’ terminals remain vulnerable to a wide range of evolving threats: in recent years, spam emails have grown to the point of heavily congesting e-mail traffic on the internet - various estimates suggest between 80 % to 98 % of all circulating emails - and they spread a wide range of virus and malicious software. There is a growing scourge of identity theft and online fraud. Attacks are becoming increasingly sophisticated (trojans, botnets, etc.) and often motivated by financial purposes. They can also be politically motivated as shown by the recent cyber-attacks that targeted Estonia, Lithuania and Georgia.

Addressing those threats and strengthening security in the digital society is a shared responsibility – of individuals as much as of private and public bodies, both at home and globally. For instance, to tackle sexual exploitation and child pornography, alert platforms can be put in place at national and EU levels, alongside measures to remove and prevent viewing of harmful content. Educational activities and awareness raising campaigns for the wider public are also essential: the EU and Member States can step up their efforts, e.g. through the Safer Internet Programme, providing information and education to children and families on online safety, as well as analysing the impact on children of using digital technologies. Industries should also be encouraged to further develop and implement self-regulatory schemes, in particular as regards protection of minors using their services.

The right to privacy and to the protection of personal data are fundamental rights in the EU which must be – also online - effectively enforced using the widest range of means: from the wide application of the principle of "Privacy by Design" in the relevant ICT technologies, to dissuasive sanctions wherever necessary. The EU’s revised framework for electronic communications clarifies the responsibilities of network operators and service providers, including their obligation to notify breaches of personal data security. The recently launched review of the general data protection framework will include a possible extension of the obligation to notify data security breaches. The implementation of the ban on spam will be reinforced using the Consumer Protection Cooperation (CPC) network.

An effective and rapid implementation of the EU action plan for the protection of critical information infrastructure and of the Stockholm Programme will trigger a wide range of measures in the field of network and information security and the fight against cybercrime. For instance, to react in real-time conditions, a well functioning and wider network of Computer Emergency Response Teams (CERTs) should be established in Europe, including for European institutions. Cooperation between CERTs and law enforcement agencies is essential and a system of contact points should be promoted to help prevent cybercrime and respond to emergencies, such as cyber attacks. Europe also needs a strategy on identity management, notably for secure and effective eGovernment services.

Finally, cooperation of relevant actors needs to be organised at global level to be effectively able to fight and mitigate security threats. This can be channelled as part of discussions on Internet Governance. At a more operational level, internationally coordinated information security targeted actions should be pursued, and joint action should be taken to fight computer crime, with the support of a renewed European Network and Information Security Agency (ENISA).

PAGE NAVIGATOR(Help)
-
Digital Agenda for Europe »Digital Agenda for Europe
Pillars & Actions »Pillars & Actions
P3: Trust and Security
A28: Reinforced Network and Information Security Policy »A28: Reinforced Network and Information Security Policy
A30: Establish a European cybercrime platform »A30: Establish a European cybercrime platform
A32: Strengthen the fight against cybercrime at international level »A32: Strengthen the fight against cybercrime at international level
A33: Support EU-wide cyber-security preparedness »A33: Support EU-wide cyber-security preparedness
A34: Security breach notification provisions »A34: Security breach notification provisions
A36: Online safety for children »A36: Online safety for children
A37: Foster self-regulation in the use of online services »A37: Foster self-regulation in the use of online services
A38: Pan-European Computer Emergency Response Teams  »A38: Pan-European Computer Emergency Response Teams
A39: MS to carry out cyber attack simulations »A39: MS to carry out cyber attack simulations
A40: MS to implement harmful content alert hotlines »A40: MS to implement harmful content alert hotlines
A41: Member States to set up national alert platforms »A41: Member States to set up national alert platforms
A29: Combat cyber attacks against information systems »A29: Combat cyber attacks against information systems
A31: Analyse the creation of a European cybercrime centre »A31: Analyse the creation of a European cybercrime centre
A35: Guidance on implementation of Telecoms rules on privacy »A35: Guidance on implementation of Telecoms rules on privacy
O3: Rising cybercrime and risk of low trust in networks »O3: Rising cybercrime and risk of low trust in networks
W4: Cybersecurity: barriers and incentives »W4: Cybersecurity: barriers and incentives
+Comments (0)
+Citations (0)
+About