This week the EU and China held the 25th round of negotiations for the EU-China Comprehensive Agreement on Investment. This round saw the second exchange of market access offers on both sides. The Commission will analyse the Chinese offer carefully to assess its level of ambition and the extent to which it reflects the EU specific requests.
EU and China: the 25th round of negotiations for the EU-China Comprehensive Agreement on Investment.
SEC. 1250J. CHINESE FOREIGN DIRECT INVESTMENT IN COUNTRIES OF THE ARCTIC REGION.
(a) Findings.—Congress finds the following:
(1) China is projecting a physical presence in the Arctic through upgrading to advanced icebreakers, utilizing the Arctic Ocean more regularly through subsidizing arctic shipping, deploying unmanned ice stations, and engaging in large and sophisticated data collection efforts in countries of the Arctic region, including Iceland, Greenland, and Canada.
(2) The 2017 Center for Naval Analysis (CNA) report “Unconstrained Foreign Direct Investment: An Emerging Challenge to Arctic Security” concluded that China has been actively engaged in economies of countries of the Arctic region.
(3) The CNA report documented a pattern of strategic investment by China in the economies of countries of the Arctic region, including the United States, Canada, Greenland, Iceland, Norway, and Russia, in areas such as raw land, oil and gas, minerals, and infrastructure.
(4) Chinese investments in countries of the Arctic region are significant. For instance, Chinese foreign direct investment constituted nearly 12 percent of Greenland’s gross domestic product for the period from 2012 to 2017.
(5) China’s 2018 Arctic Policy White Paper documented the Chinese intent to create a “Polar Silk Road” in the Arctic.
(6) China’s “Polar Silk Road” is an extension of China’s Belt and Road Initiative (BRI).
(7) China is increasingly using the BRI as the impetus for increasing People’s Liberation Army deployments to regions where China has significant investments, primarily through BRI.
(8) China has demonstrated an interest in using BRI to gain military access to strategic regions.
(9) Understanding how China’s foreign direct investment in countries of the Arctic region affects such countries is critical to understanding the degree to which China is able to access the region.
(b) Independent Study.—
(1) IN GENERAL.—Not later than 45 days after the date of enactment of this Act, the Secretary of Defense shall seek to enter into a contract with a federally-funded research and development center described in paragraph (2) to complete an independent study of Chinese foreign direct investment in countries of the Arctic region, with a focus on the effects of such foreign direct investment on United States national security and near-peer competition in the Arctic region.
(2) FEDERALLY-FUNDED RESEARCH AND DEVELOPMENT CENTER DESCRIBED.—A federally-funded research and development center described in this paragraph is a federally-funded research and development center that—
Department of Justice Announces Indictment Charging Russians, Italians and Others With Attempting to Evade Security Sanctions Individuals and Companies Disguised Destination of Mining Equipment
A newly unsealed superseding indictment has charged Russian and Italian nationals, a U.S. citizen and various companies in a conspiracy to evade international trade sanctions.
The United States District Court for the Southern District of Georgia unsealed the superseding indictment on Dec. 2, 2019, charging two Russian nationals, two Italian nationals, a U.S. citizen, and various companies with violating and conspiring the violate the International Emergency Economic Powers Act (IEEPA) and the Export Control Reform Act of 2018 (ECRA), conspiracy to commit wire fraud, and conspiracy to commit money laundering.
The indictment, which was returned in October 2019 by a federal grand jury in Savannah, Georgia, charges Oleg Vladislavovich Nikitin; Nikitin’s Russian-based company KS Engineering (KSE); KSE employee Anton Cheremukhin; Gabriele Villone; Villone’s Italian-based company GVA International Oil and Gas Services (GVA); and GVA employee Bruno Caparini, with violating and conspiring to violate IEEPA/ECRA. Additionally, the aforementioned defendants, Dali Bagrou, and Bagrou’s U.S.-based company World Mining and Oil Supply (WMO) are charged with conspiracy to commit wire fraud and conspiracy to commit money laundering. Nikitin, Villone, and Bagrou were all arrested in Savannah, Georgia, while attempting to complete the illegal transaction and are awaiting trial.
A presentation and technical advice on using cryptocurrency and blockchain technology to evade sanctions
Geoffrey S. Berman, the United States Attorney for the Southern District of New York, John C. Demers, the Assistant Attorney General for National Security, John Brown, Assistant Director of the Federal Bureau of Investigation (“FBI”) Counterintelligence Division, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Field Office of the FBI, announced today the unsealing of a criminal complaint charging VIRGIL GRIFFITH, a United States citizen, with violating the International Emergency Economic Powers Act (“IEEPA”) by traveling to the Democratic People’s Republic of Korea (“DPRK” or “North Korea”) in order deliver a presentation and technical advice on using cryptocurrency and blockchain technology to evade sanctions. GRIFFITH was arrested at Los Angeles International Airport yesterday and will be presented in federal court in Los Angeles on Monday, December 2.
USA: U.S. Department of Commerce Proposes Rule for Securing the Nation’s Information and Communications Technology and Services Supply Chain
U.S. Department of Commerce Proposes Rule for Securing the Nation’s Information and Communications Technology and Services Supply Chain
Today, the U.S. Department of Commerce issued a notice of proposed rulemaking and requested comment on the implementation of Executive Order 13873, Securing the Information and Communications Technology and Services (ICTS) Supply Chain. The proposed rule sets out the procedures the Secretary of Commerce plans to use to identify, assess, and address ICTS transactions that pose an undue risk to ICTS in the United States, to the critical infrastructure or the digital economy in the United States, or an unacceptable risk to national security or to the security and safety of U.S. persons. The public will have a 30-day period to submit comments.
Commitments made at the hearings of the Commissioners-designate – von der Leyen Commission 2019-2024
On 27 November 2019, the European Parliament is expected to vote on the von der Leyen Commission as a whole. This would be one of the final steps in an investiture process that started in May 2019, following the European elections. If the Commission obtains Parliament’s consent – by a majority of the votes cast by roll call – the European Council will then appoint its members by qualified majority, finally allowing the new Commission to take up its duties, expected to be on 1 December 2019.
European Commission launches infringement proceedings against the UK following its failure to name a candidate for EU Commissioner
European Commission launches infringement proceedings against the UK following its failure to name a candidate for EU Commissioner.
As the UK was due to leave the EU on 31 October, before the new Commission was to take up its duties (initially on 1 November 2019), the UK government communicated its intention not to propose a candidate for the Commission, a decision that has been maintained even following the extension of the withdrawal date to 31 January 2020.
The International Master in Security, Intelligence and Strategic Studies (IMSISS) is a 24 month Erasmus Mundus Joint Master Degree (EMJMD) awarded by a consortium of European universities – University of Glasgow (UK); Dublin City University (Ireland); Charles University in Prague (Czech Republic) and from 2020, the University of Trento (Italy).
ICJ: Ukraine – Russia – The Court finds that it has jurisdiction to entertain the claims made by Ukraine and that the Application in relation to those claims is admissible
APPLICATION OF THE INTERNATIONAL CONVENTION FOR THE SUPPRESSION OF THE FINANCING OF TERRORISM AND OF THE INTERNATIONAL CONVENTION ON THE ELIMINATION OF ALL FORMS OF RACIAL DISCRIMINATION (UKRAINE v. RUSSIAN FEDERATION)
Polish rules relating to the retirement age of judges and public prosecutors, adopted in July 2017, are contrary to EU law – Le norme polacche relative all’età per il pensionamento dei giudici e dei pubblici ministeri, adottate nel luglio 2017, sono contrarie al diritto dell’Unione
5 November 2019
Judgment in case C-192/18 Commission v Poland
In today’s judgment the Court, upholds the action for failure to fulfil obligations brought by the Commission against the Republic of Poland and held that that Member State had failed to fulfil its obligations under EU law, first, by establishing a different retirement age for men and women who were judges or public prosecutors in Poland and, second, by lowering the retirement age of judges of the ordinary courts while conferring on the Minister for Justice the power to extend the period of active service of those judges.
5 novembre 2019
Sentenza C-192/18 Commissione/Polonia
La Corte di giustizia ha accolto il ricorso per inadempimento proposto dalla Commissione contro la Polonia e ha dichiarato che tale Stato membro, introducendo, da un lato, un’età per il pensionamento differente per le donne e per gli uomini appartenenti alla magistratura polacca, e abbassando, dall’altro, l’età per il pensionamento dei giudici dei tribunali ordinari, conferendo al contempo al Ministro della Giustizia il potere di prorogarne il periodo di servizio, è venuto meno agli obblighi ad esso incombenti ai sensi del diritto dell’Unione.
Advocate General Sharpston: the Court should rule that, by refusing to comply with the provisional and time-limited mechanism for the mandatory relocation of applicants for international protection, Poland, Hungary and the Czech Republic have failed to fulfil their obligations under EU law
Advocate General’s Opinion in Cases C-715/17 Commission v Poland, C-718/17 Commission v Hungary and C-719/17 Commission v Czech Republic 31 october 2019
Advocate General Sharpston: the Court should rule that, by refusing to comply with the provisional and time-limited mechanism for the mandatory relocation of applicants for international protection, Poland, Hungary and the Czech Republic have failed to fulfil their obligations under EU law
These Member States cannot invoke their responsibilities with regard to the maintenance of law and order and the safeguarding of internal security in order to disapply a valid EU measure with which they disagree
Intervento di Mario Draghi, Presidente della BCE, in occasione della cerimonia di commiato in suo onore
The European Council, in agreement with the UK, extended the period under art. 50(3) TEU. Il Consiglio europeo d’intesa con il Regno Unito proroga il termine previsto dall’articolo 50, paragrafo 3, TUE
The European Council adopted a decision to extend the period under Article 50(3) in the context of the UK’s intention to withdraw from the EU. The extension is until 31 January 2020 to allow more time for the withdrawal agreement to be ratified.
The UK can leave earlier, on 1 December 2019 or 1 January 2020, if the deal is ratified by both parties.
The decision was taken unanimously by the European Council by written procedure, with the agreement of the UK.
Il Consiglio europeo ha adottato una decisione che proroga il termine previsto dall’articolo 50, paragrafo 3, (del trattato sull’Unione europea), a seguito della notifica, da parte del Regno Unito, della sua intenzione di recedere dall’Unione europea.
La proroga durerà fino al 31 gennaio 2020 per dare più tempo alla ratifica dell’accordo di recesso. Il recesso può avere luogo anteriormente, il 1° dicembre 2019 o il 1° gennaio 2020, se l’accordo di recesso è ratificato da entrambe le parti.
Per la durata della proroga il Regno Unito rimane uno Stato membro soggetto a tutti i diritti e gli obblighi sanciti dai trattati e dal diritto dell’UE.
La decisione è stata presa all’unanimità dal Consiglio europeo mediante procedura scritta, d’intesa con il Regno Unito, come illustrato nella lettera del primo ministro del Regno Unito Boris Johnson al presidente del Consiglio europeo Donald Tusk. Il Consiglio europeo ha inoltre approvato una dichiarazione che accompagna la decisione.
Brexit: the European Commission has today reached an agreement at negotiator level with the UK on a revised Protocol on Ireland / Northern Ireland and a revised Political Declaration on the framework of the future EU-UK relationship
In light of the United Kingdom’s decision to withdraw from the European Union, the European Commission has today reached an agreement at negotiator level with the UK on a revised Protocol on Ireland / Northern Ireland and a revised Political Declaration on the framework of the future EU-UK relationship.
The revised Protocol provides a legally operative solution that avoids a hard border on the island of Ireland, protects the all-island economy and the Good Friday (Belfast) Agreement in all its dimensions, and safeguards the integrity of the EU Single Market.
Northern Ireland will remain aligned to a limited set of Single Market rules to avoid a hard border on the island of Ireland. Today’s Protocol will also avoid any customs border on the island of Ireland, while ensuring that Northern Ireland remains part of the UK’s customs territory. The Northern Ireland Assembly will have a decisive voice on the long-term application of relevant EU law in Northern Ireland.
The main change in the Political Declaration relates to the future EU-UK economic relationship where the current UK government has opted for a model based on a Free Trade Agreement (FTA). The Political Declaration confirms the ambition to conclude an FTA with zero tariffs and quotas between the EU and the UK, and states that robust commitments on a level playing field should ensure open and fair competition.
On 2 October, a WTO arbitrator issued its decision on the level of countermeasures the United States may request with respect to the European Union and certain EU member states in “European Communities and Certain member States — Measures Affecting Trade in Large Civil Aircraft” (DS316).
“9.2. The United States may therefore request authorization from the DSB to take countermeasures with respect to the European Union and certain member States, as indicated in document WT/DS316/18, at a level not exceeding, in total, USD 7,496.623 million annually. These countermeasures may take the form of (a) suspension of tariff concessions and related obligations under the GATT 1994, and/or (b) suspension of horizontal or sectoral commitments and obligations contained in the United States’ services schedule with regard to all services defined in the Services Sectoral Classification List, except for financial services.
Conference: EU Sanctions against the Russian Federation and the Islamic Republic of Iran in a comparative perspective
Call for Papers Research Forum CfP “Solidarity. The Quest for Founding Utopias of International Law” 23-24 April 2020, Catania. Deadline: 30 September 2019 –
Call for Papers Research Forum CfP “Solidarity. The Quest for Founding Utopias of International Law” 23-24 April 2020, Catania. Deadline: 30 September 2019
A Counter-Terrorism Register (CTR) has been launched at Eurojust to reinforce the judicial response in Member States to terrorist threats and to improve security for citizens. The CTR, which entered into force on 1 September, centralises key judicial information to establish links in proceedings against suspects of terrorist offences. The CTR is managed by Eurojust in The Hague on a 24-hour basis and provides proactive support to national judicial authorities. This centralised information will help prosecutors to coordinate more actively and to identify the suspects or networks that are being investigated in specific cases with potential cross-border implications.
Il Consiglio dei Ministri, su proposta del Ministro dello sviluppo economico Stefano Patuanelli, a norma dell’articolo 1-bis del decreto-legge 15 marzo 2012, n. 21, ha deliberato:
l’esercizio dei poteri speciali in relazione alla informativa notificata dalla società LINKEM S.p.a. relativa a contratti o accordi aventi ad oggetto l’acquisto di beni e servizi relativi alla progettazione, alla realizzazione, alla manutenzione e alla gestione delle reti inerenti i servizi di comunicazione elettronica a banda larga su tecnologia 5G e acquisizione di componenti ad alta intensità tecnologica funzionali alla predetta realizzazione o gestione;
l’esercizio di poteri speciali, con condizioni e prescrizioni, in relazione all’operazione notificata dalla società Vodafone S.p.a. consistente in accordi aventi ad oggetto l’acquisto di beni e servizi per la realizzazione e la gestione di reti di comunicazione elettronica basate sulla tecnologia 5G;
l’esercizio dei poteri speciali in relazione all’informativa notificata dalla società TIM S.p.a. relativa agli accordi conclusi prima del 26 marzo relativi ad apparati e sistemi di comunicazione rispetto ai quali la tecnologia 5G può essere considerata una naturale evoluzione;
l’esercizio dei poteri speciali, con prescrizioni, in relazione all’informativa notificata dalla società Wind Tre S.p.a. circa gli accordi stipulati con la società Huawei, aventi ad oggetto l’acquisto di beni e servizi per la realizzazione e la gestione di reti di comunicazione elettronica basate sulla tecnologia 5G;
l’esercizio dei poteri speciali in relazione all’informativa notificata dalla società FASTWEB S.p.a. relativa all’acquisto dalla società ZTE Corporation degli apparati relativi alle componenti radio per la realizzazione dell’ultima tratta della rete 5G FWA.
The International Emergency Economic Powers Act (IEEPA) is a United States federal law authorizing the president to regulate international commerce after declaring a national emergency in response to any unusual and extraordinary threat to the United States which has its source in whole or substantial part outside the United States.
As part of an ongoing trade war with China, on August 24, 2019, Trump tweeted that he “hereby ordered” US companies to start looking at alternatives to China on the basis of claimed powers under IEEPA.
Trump, however, did not formally declare an emergency as required by IEEPA.
(On May 30, 2019, the White House announced that President Donald Trump would use IEEPA powers to introduce tariffs on Mexican exports in response to the national security threat of illegal immigration from Mexico into the United States.)
The Amsterdam Center for International Law in collaboration with ESIL’s International Economic Law Interest Group invites scholars to submit proposals for the ‘International Economic Law And Security Interests Conference’ which will take place on 14 and 15 November 2019.
Now, Therefore, I, Donald J. Trump, President of the United States of America, by the authority vested in me by the Constitution and the laws of the United States of America, including section 301 of title 3, United States Code, and section 232 of the Trade Expansion Act of 1962, as amended, do hereby proclaim as follows:
(1) The Trade Representative, in consultation with the Secretary, the Secretary of the Treasury, and any other senior executive branch officials the Trade Representative deems appropriate, shall pursue negotiation of agreements contemplated in 19 U.S.C. 1862(c)(3)(A)(i) to address the threatened impairment of the national security with respect to imported automobiles and certain automobile parts from the European Union, Japan, and any other country the Trade Representative deems appropriate.
(2) Within 180 days of the date of this proclamation, the Trade Representative shall update me on the outcome of the negotiations directed under clause (1) of this proclamation.
(3) The Secretary shall continue to monitor imports of automobiles and certain automobile parts and shall, from time to time, in consultation with any senior executive branch officials the Secretary deems appropriate, review the status of such imports with respect to the national security. The Secretary shall inform the President of any circumstances that in the Secretary’s opinion might indicate the need for further action by the President under section 232 of the Trade Expansion Act of 1962, as amended.
(4) Any provision of previous proclamations and Executive Orders that is inconsistent with the actions taken in this proclamation is superseded to the extent of such inconsistency.
USA: Executive Order on Securing the Information and Communications Technology and Services Supply Chain
The period provided for in Article 50(3) TEU, as extended by the European Council Decision (EU) 2019/476, is hereby further extended until 31 October 2019. – Il termine previsto dall’articolo 50, paragrafo 3, TUE è ulteriormente prorogato fino al 31 ottobre 2019.
The period provided for in Article 50(3) TEU, as extended by the European Council Decision (EU) 2019/476, is hereby further extended until 31 October 2019.
This decision shall cease to apply on 31 May 2019 in the event that the United Kingdom has not held elections to the European Parliament in accordance with applicable Union law and has not ratified the Withdrawal Agreement by 22 May 2019.
Il termine previsto dall’articolo 50, paragrafo 3, TUE, quale prorogato dalla decisione (UE) 2019/476 del Consiglio europeo, è ulteriormente prorogato fino al 31 ottobre 2019.
La presente decisione cessa di applicarsi il 31 maggio 2019 nel caso in cui il Regno Unito non abbia tenuto le elezioni del Parlamento europeo conformemente al diritto dell’Unione e non abbia ratificato l’accordo di recesso entro il 22 maggio 2019.
7.126. The Panel finds as follows:
a. As of 2014, there has existed a situation in Russia’s relations with Ukraine that constitutes an emergency in international relations within the meaning of subparagraph (iii) of Article XXI(b) of the GATT 1994; and
b. each of the measures at issue was taken in time of this emergency in international relations within the meaning of subparagraph (iii) of Article XXI(b) of the GATT 1994.
Huawei, 5G and China as a Security Threat
CCDCOE NATO COOPERATIVE CYBER DEFENCE CENTRE OF EXCELLENCE
European Council Decision (EU) 2019/476 taken in agreement with the United Kingdom of 22 March 2019 extending the period under Article 50(3)TEU – Decisione (UE) 2019/476 del Consiglio europeo adottata d’intesa con il Regno Unito, del 22 marzo 2019, che proroga il termine previsto dall’articolo 50, paragrafo 3, TUE
In the event that the Withdrawal Agreement is approved by the House of Commons by 29 March 2019 at the latest, the period provided for in Article 50(3) TEU is extended until 22 May 2019.
In the event that the Withdrawal Agreement is not approved by the House of Commons by 29 March 2019 at the latest, the period provided for in Article 50(3) TEU is extended until 12 April 2019. In that event, the United Kingdom will indicate a way forward before 12 April 2019, for consideration by the European Council.
Qualora l’accordo di recesso sia approvato dalla Camera dei Comuni entro il 29 marzo 2019, il termine previsto dall’articolo 50, paragrafo 3, TUE è prorogato fino al 22 maggio 2019.
Qualora l’accordo di recesso non sia approvato dalla Camera dei Comuni entro il 29 marzo 2019, il termine previsto dall’articolo 50, paragrafo 3, TUE è prorogato fino al 12 aprile 2019. In tal caso il Regno Unito indicherà prima del 12 aprile 2019 il percorso da seguire, in vista del suo esame.
Regulation (EU) 2019/452 of the European Parliament and of the Council of 19 March 2019 establishing a framework for the screening of foreign direct investments into the Union – Regolamento (UE) 2019/452 del Parlamento europeo e del Consiglio, del 19 marzo 2019, che istituisce un quadro per il controllo degli investimenti esteri diretti nell’Unione
Security threats connected with the rising Chinese technological presence in the EU and possible action on the EU level to reduce them
The European Parliament calls for a common approach to cybersecurity
Believes that the Union must take the lead on cybersecurity, by means of a common approach based on the effective and efficient use of EU, Member State and industry expertise, since a patchwork of divergent national decisions would be detrimental to the digital single market;
2. Expresses deep concern about the recent allegations that 5G equipment developed by Chinese companies may have embedded backdoors that would allow manufacturers and authorities to have unauthorised access to private and personal data and
telecommunications from the EU;
3. Is equally concerned about the potential presence of major vulnerabilities in the 5G equipment developed by these manufacturers if they were to be installed when rolling out 5G networks in the coming years;
4. Underlines that the implications for the security of networks and equipment are similar around the world and calls for the EU to draw lessons from the experience available, in order to be able to ensure the highest standards of cybersecurity; calls on the Commission to develop a strategy that puts Europe in a leading position in cybersecurity technology and is aimed at reducing Europe’s dependency on foreign technology in the field of cybersecurity; is of the view that whenever compliance with security requirements cannot be guaranteed adequate measures must be applied;
5. Calls on the Member States to inform the Commission of any national measure they intend to adopt in order to coordinate the Union’s response so as to ensure the highest standards of cybersecurity throughout the Union, and reiterates the importance of refraining from introducing disproportionate unilateral measures that would fragment the single market;
6. Reiterates that any entities providing equipment or services in the EU, irrespective of their country of origin, must comply with fundamental rights obligations and with EU and Member State law, including the legal framework as regards privacy, data protection and cybersecurity;
7. Calls on the Commission to assess the robustness of the Union’s legal framework in order to address concerns about the presence of vulnerable equipment in strategic sectors and backbone infrastructure; urges the Commission to present initiatives, including legislative proposals where appropriate, to address in due time any shortfalls detected, since the Union is in a constant process of identifying and addressing cybersecurity challenges and enhancing cybersecurity resilience in the EU;
8. Urges those Member States that have not yet fully transposed the NIS Directive to do so without delay, and calls on the Commission to monitor this transposition closely so as to ensure that its provisions are properly applied and enforced and that European citizens are better protected from external and internal security threats;
9. Urges the Commission and Member States to make sure that the reporting mechanisms introduced by the NIS Directive are properly applied; notes that the Commission and the Member States should follow up thoroughly on any security incidents or inappropriate reactions of suppliers, so as to address detected gaps;
10. Calls on the Commission to assess the need to further enlarge the scope of the NIS Directive to other critical sectors and services that are not covered by sector-specific legislation;
11. Welcomes and supports the agreement reached on the Cybersecurity Act and the reinforcement of the mandate of the EU Agency for Network and Information Security (ENISA), in order to better support Member States in tackling cybersecurity threats and attacks;
12. Urges the Commission to mandate ENISA to make it a priority to work on a
certification scheme for 5G equipment in order to ensure that the rollout of 5G in the Union meets the highest security standards and is resilient to backdoors or major vulnerabilities that would endanger the security of the Union’s telecommunication networks and dependent services; recommends that special attention be given to commonly used processes, products and software that by their sheer scale have a significant impact on the day-to-day life of citizens and the economy;
13. Warmly welcomes the proposals on cybersecurity competence centres and a network of national coordination centres, which are designed to help the EU retain and develop the technological and industrial capacities in cybersecurity that are needed to secure its digital single market; recalls, however, that certification should not exclude competent authorities and operators from scrutinising the supply chain in order to ensure the integrity and security of their equipment that operates in critical environments and telecom networks;
14. Recalls that cybersecurity demands high security standards; calls for a network that is secure by default and by design; urges the Member States, together with the Commission, to explore all available means to ensure a high level of security;
15. Calls on the Commission and the Member States, in cooperation with ENISA, to provide guidance on how to tackle cyber threats and vulnerabilities when procuring 5G equipment, for example by diversifying equipment from different vendors or introducing multi-phase procurement processes;
16. Reaffirms its position on the Digital Europe programme, which imposes security requirements and Commission oversight on entities established in the EU but controlled from third countries, in particular for cybersecurity-related actions;
17. Calls on the Member States to ensure that public institutions and private companies involved in ensuring the proper functioning of critical infrastructure networks such as telecoms, energy, health and social systems, undertake relevant risk assessments that take into account the security threats specifically linked to technical features of the respective system or dependence on external suppliers of hardware and software technologies;
18. Recalls that the current legal framework on telecommunications mandates the Member States to ensure that telecoms operators comply with the integrity and availability of public electronic communication networks, including end-to-end encryption where appropriate; highlights that under the European Electronic Communications Code, Member States have extensive powers to investigate products on the EU market and apply a wide variety of remedies in the event of their non-compliance;
19. Calls on the Commission and the Member States to make security an obligatory aspect in all public procurement procedures for relevant infrastructure at both EU and national level;
20. Reminds Member States of their obligation under the EU legal framework, notably Directive 2013/40/EU on attacks against information systems, to impose sanctions on legal persons that have committed criminal offences such as attacks against such systems; emphasises that Member States should also make use of their ability to impose other sanctions on these legal entities, such as temporary or permanent disqualification
from practicing commercial activities;
21. Calls on the Member States, cybersecurity agencies, telecoms operators, manufacturers and providers of critical infrastructure services to report to the Commission and ENISA any evidence of backdoors or other major vulnerabilities that could compromise the integrity and security of telecoms networks or infringe Union law and fundamental rights; expects national data protection authorities as well as the European Data Protection Supervisor to thoroughly investigate indications of data breaches of personal data by external vendors and to impose appropriate penalties and sanctions in line with European data protection law;
22. Welcomes the upcoming entry into force of a regulation establishing a framework for the screening of foreign direct investments (FDI) for reasons of security and public order, and underlines that this regulation establishes for the first time a list of areas and factors, including communications and cybersecurity, which are relevant for security and public order at EU level;
23. Calls on the Council to speed up its work on the proposed ePrivacy Regulation;
24. Reiterates that the EU needs to support cybersecurity across the entire value chain, from research to the deployment and uptake of key technologies, disseminate relevant information, and promote cyber hygiene and educational curricula including cybersecurity, and believes that, among other measures, the Digital Europe programme will be an efficient tool for that;
25. Urges the Commission and the Member States to take the necessary steps, including robust investment schemes, to create an innovation-friendly environment within the EU, which should be accessible to all businesses in the EU digital economy, including small and medium-sized enterprises (SMEs); urges, furthermore that such an environment should allow European vendors to develop new products, services and technologies which would enable them to be competitive;
26. Urges the Commission and the Member States to take into account the above requests in the framework of the upcoming discussions on the future EU-China strategy, as preconditions for the EU to remain competitive and for ensuring the security of its digital infrastructure;
27. Instructs its President to forward this resolution to the Council and the Commission.