New DSM announcements in May - After some delay, the Commission is set to publish on 25 May several proposals linked to its digital single market strategy (DSM), including geo-blocking, parcel delivery and Internet platforms. DSM measures of most relevance to ccTLD are: Internet platforms (with a potential review of the intermediary liability provisions), the copyright review (expected end of September, including enforcement rules), and a review of the e-Privacy directive (in December).
EU Member States ill-prepared for cyber threats - This is the result of a recent ENISA study analysing the crisis management frameworks in the sectors of aviation, civil protection, border control, counter-terrorism and health and disease control. It is particularly important to focus not only on the mitigation of the effect of (a) cyber crisis, but also on the mitigation of the cyber incidents that caused it, the report states.
Brussels attacks – Law enforcement and Justice Ministers target online communication: At an ad hoc meeting of the Justice and Home Affairs (JHA) Council, ministers stated the need to “secure and obtain more quickly and effectively digital evidence” and more “direct contacts” of law enforcement with service providers. One means of doing so could be the expansion of the e-Privacy Directive to Internet platforms and online communication apps. Yet, concrete measures are to be identified at the upcoming EU Council meeting in June. Also, they aim at developing “effective preventive measures” against radicalisation, including “countering the rhetoric of Daesh” in particular through communication strategies”. The Commission “will intensify work with IT companies, notably in the EU Internet Forum to counter terrorist propaganda” with the objective to create a code of conduct against hate speech online by June 2016 (see below).
The “new” Safe Harbour – Shield without protection: On 2 February, the European Commission proudly announced an agreement on the new EU-US Privacy Shield. For now, it is a list of “assurances”, but no document has been seen.
Safe Harbour: Negotiators are unlikely to meet the end-of-January deadline for a new agreement on data transfers from the EU to the US. “Even if some agreement was reached, it would be a political agreement”, EDPS Buttarelli said. Stumbling blocks include judicial redress, guarantees for data and security requests to be necessary and proportional, and a system to monitor and enforce rules for EU citizens in the US. The Article 29 Working Party, the grouping of European Data Protection Authorities (DPAs), which is set to meet on 2 February, is currently analysing how the annulation of safe harbour impacts also alternative mechanisms. They will be the one responsible for enforcement if talks fail and it remains to be seen if they agree to give negotiators more time. Eyes are also on the ongoing Microsoft case, where the company refused to follow a request by the US Department of Justice to hand over data stored in Ireland. In a letter dated 15 January, US-EU trade groups warned leaders about the risks of failing to reach an agreement.