In This Issue

• President’s Message
• Symantec Reports Cyber Criminals Are Becoming Increasingly Professional
• Schwarzenegger Vetoes California Data Breach Bill
• U.S. Cyber Security Briefs
• Letter from the Director of European Affairs
• European Commission Promotes Public-Private Dialogue in Security Research
• E.U. and Global Cyber Security Briefs
• Cyber Security Corner: Security and Regulatory Compliance Technologies Need to Converge
• CSIA Congressional Spotlight
  • Representative Jim Langevin (D-RI)
    
  • A Conversation with Representative Jim Langevin
    
• CSIA Member Spotlight
  • Application Security, Inc.
    
  • It's About the Database, Stupid!!!
    
• U.S. Legislative Update
• CSIA in the News
• Cyber Security Industry Events
• Member List
• Contact Us
• Unsubscribe
  
• Archives
• CSIA Home Page

European Affairs Director's Message

by Marika Konings, CSIA Director of European Affairs

E.U. Constitution “no”, but E.U. Treaty “yes?” On 18-19 October, E.U. leaders met in Lisbon, Portugal, for an Informal Council meeting to agree to the final text of the new E.U. Treaty. After voters in France and the Netherlands said “no” to the proposed E.U. Constitution, E.U. Member States toned down their ambition by removing controversial parts such as the label “constitution” and references to the symbols and the anthem of the E.U.

The new streamlined Treaty aims to bring the E.U. closer to its citizens and reform the E.U.'s institutions and decision-making process to cope with the recent stream of enlargements. Nevertheless, there are still a number of hurdles that need to be cleared before a final agreement will be reached.

One of those hurdles is the question of how personal data should be kept and accessed. As reported in this month's E.U. Cyber Security Briefs, under the current draft, personal data could be passed on to third countries without the oversight of E.U. institutions such as the European Parliament and the European Court of Justice. It would be up to the E.U. Member States to decide on the rules for processing personal data in the context of foreign relations, which would include the already controversial PNR agreement.

Members of the European Parliament have already expressed their dismay over this proposal, noting “it's a small point with huge consequences.” E.U. Member States and Members of the European Parliament have clashed on a number of occasions in recent months over the balance between data protection and counter-terrorism measures such as in the SWIFT case and PNR agreement.

At the same time, a new proposal on the review of the ePrivacy Directive, which is expected to introduce data breach notification obligations, is set to be adopted in mid-November. Furthermore, the Commission is to assess the need for new measures in the fight against identity theft. These are some developments that highlight the importance the E.U. gives to data security and the protection of sensitive personal information.

As for the adoption of the E.U. Treaty, although Ireland is the only country that is bound by its constitution to hold a referendum, others like Denmark and the UK are still contemplating on how final ratification should be carried out. However, it is clear that if citizens feel that there rights are being squandered, no matter how the adoption will be carried out, it will not bring the E.U. closer to its citizens.

Marika Konings
Director of European Affairs