National leaders have turned down European Commission calls for a coordinated EU cyber-security strategy, leading to a “regulatory gap” and a “clear and present danger” of cyber attacks, a high EU official told EurActiv in an interview.
Robert Madelin, the Commission’s director-general overseeing digital matters, has warned about a “clear and present danger” of cyber-attacks in Europe.
“There are hundreds of attacks every day of the year,” Madelin told EurActiv in an interview, saying that difficulties in tracing their origin were “one of the big problems”
Large US banks came under a coordinated attack last week, which American officials traced back to Russian hackers.
Asked if he believed Russia was behind the attack, Madelin said he didn’t know and advised caution in attributing them as coming from any country in particular.
“But the volume of the threat is real a growing. And I think that there, there is a regulatory gap.”
The Commission did come up with a cyber security strategy last year which proposed requesting companies and public bodies to report significant attacks to the European level. “We have made a proposal for stronger company-to-state and state-to- state cooperation around network information security threats,” Madelin explained.
But EU member states rejected the proposal in its initial form, saying it went too far in mandating formal exchanges of information across EU borders.
“There is a regulatory gap there, there isn’t enough cooperation, and that is a clear and present danger,” Madelin warned.
Cyber security is not just a threat, it is also “a clear and present opportunity”, Madelin added, saying the European industry had “world-class assets” that could constitute a “global winning industrial platform”.
“There are some issues currently bubbling under in 2014 which are going to become mainstream. And cyber-security is a big one.”
‘No strategy yet’ on eHealth privacy
Asked about data privacy concerns raised by the growing use of eHealth databases, Madelin said his services had already raised the issue in briefing notes prepared for the incoming EU health commissioner.
But he admitted that the problem was complex and that governments did not necessarily hold the answer to them.
“So the answer is partly we don’t have a strategy yet – which is ok to say since Barack Obama said it – and we have to be conscious of that. We are working in an area which is emergent.”
He pointed to Article 5 of the EU’s proposed Data Protection Regulation, which deals with the special case of health, saying Parliamentary amendments brought to the draft law in first reading had made it unusable for scientific research purposes.
“Some health researchers say that the current form of that text is not fit for purpose for their research model in terms of online cancer registries, the massive crunching of individual genomic data to personalise medicine research.”
For Madelin, there is either too much or too little data being shared. “It is a question of the alignment of that particular article with the future-looking opportunities which data create for saving lives. And this is a very important issue to get right. But it’s not a regulatory gap, it is a regulatory dilemma.”
Broadband: EU ‘not putting its money where its mouth is’
Turning to broadband infrastructure, Madelin said Europe was lagging behind on super-fast broadband connections.
While Europe has achieved “100% penetration” on basic low-speed connectivity, he said high-speed “is a big problem” and pointed to the European Parliament and Council which rejected a Commission proposal for a €7 billion financial instrument for broadband.
“The new Parliament now realises was a mistake,” he said, adding, “they didn’t put their money where their mouth was.”
For Madelin, there is an “investment infrastructure gap” that needs to be fixed. “And as of today, I think there are two problems. First, the public funding is underweight at the national and European level, and second, the innovative financial instruments are not yet being picked up.”
He now hopes Commission President-elect Jean-Claude Juncker will succeed on his challenge to unlock a Europe-wide 300 biilion euro investment plan to improve the situation.
>> Read the full interview: Robert Madelin: EU ‘not putting its money where its mouth is’ on broadband
The Digital Agenda for Europe was adopted in 2010, as part of the Europe 2020 strategy, to stimulate the digital economy and address societal challenges through ICT.
EU heads of states have since called for further strengthening of the European digital leadership and completion of the Digital Single Market by 2015 (>> read EU summit conclusions of June 2012 and March 2012).
Below is a summary of the key policy areas of the ambitious five-year plan:
- Create a new single market to remove all barriers to cross-border trade and licensing, simplify copyright clearance, complete the Single European Payment Area and boost the allocation of spectrum to new services such as mobile applications;
- Improve ICT standard-setting and interoperability by reviewing the European Interoperability Framework;
- Improve trust and security to tackle cybercrime, sexual exploitation and review of the data protection framework to protect consumer rights;
- Increase access to fast Internet and aid the roll-out of fixed and wireless networks;
- Boost research and innovation by upping the ICT R&D budget by 20% annually;
- Raise the level of digital literacy by promoting e-skills initiatives, and;
- Invest in smart technology to reduce energy consumption and help ageing citizens, among others.
- 1 Nov. 2014: New European Commission expected to start work
- 2015: Possible review of Europe 2020 growth strategy and its digital component