Telecoms Package Voted Amendments

De La Quadrature du Net

In the following amendments, amended text with regard to Commission's initial proposal is highlighted in bold italics. In the case of amending acts, passages in an existing provision that the Commission has left unchanged, but that Parliament wishes to amend, are highlighted in bold. Any deletions that Parliament wishes to make in passages of this kind are stroke out.

COD/2007/0247 - Trautmann report (networks and services)[modifier]

Amendment 61 --[modifier]

  • Article 1 – point 8 – point e amending Directive 2002/21/EC Article 8 – paragraph 4 – point g
(g) applying the principle that end-users should be able to access
and distribute any lawful content and use any lawful applications
and/or services of their choice and for this purpose contributing to
the promotion of lawful content in accordance with Article 33 of
Directive 2002/22/EC (Universal Service Directive).

Amendment 64 --[modifier]

  • Article 1 – point 9 amending Directive 2002/21/EC Article 9
Article 9
Management of radio frequencies for electronic communications
services

1. Taking due account of the fact that radio frequencies are a public
good that has an important social, cultural and economic value,
Member States shall ensure the effective management of radio
frequencies for electronic communication services in their territory
in accordance with Articles 8 and 8a. They shall ensure that the
allocation and assignment of such radio frequencies by national
regulatory authorities are based on objective, transparent, non
discriminatory and proportionate criteria. In so doing, they shall
act in accordance with international agreements and may take public
policy considerations into account.

2. Member States shall promote the harmonisation of use of radio
frequencies across the Community, consistent with the need to ensure
effective and efficient use thereof and in pursuit of benefits for
the consumer such as economies of scale and interoperability of
services. In so doing, they shall act in accordance with Articles 8a
and 9c of this Directive, and with Decision No 676/2002/EC (Radio
Spectrum Decision).
 
3. Unless otherwise provided in the second subparagraph or in the
measures adopted pursuant to Article 9c, Member States shall, ensure
that all types of technologies used for electronic communications
services may be used in the radio frequency bands available for
electronic communications services in accordance with the ITU Radio
Regulations.

Member States may, however, provide for proportionate and
non-discriminatory restrictions to the types of technologies used for
electronic communication services where this is necessary to:

(a) avoid the possibility of harmful interference,

(b) protect public health against electromagnetic fields,
 
(ba) ensure technical quality of service,
 
(c) ensure maximisation of radio frequency sharing,

(ca) safeguard the efficient use of radio frequencies,

(d) fulfil a general interest objective in accordance with paragraph
4 below.

4. Unless otherwise provided in the second subparagraph, Member
States shall ensure that all types of electronic communications
services may be provided in the radio frequency bands available for
electronic communications services in accordance with their national
frequency allocation plans and with the ITU Radio Regulations. The
Member States may, however, provide for proportionate and non
discriminatory restrictions to the types of electronic communications
services to be provided.

Measures that require an electronic communications service to be
provided in a specific band available for electronic communications
services shall be justified in order to ensure the fulfilment of a
general interest objective as defined in national legislation in
conformity with Community law, such as safety of life, the promotion
of social, regional or territorial cohesion, the avoidance of
inefficient use of radio frequencies, or the promotion of cultural
and media policy objectives such as cultural and linguistic diversity
and media pluralism.

A measure which prohibits the provision of any other electronic
communications service in a specific band may only be provided for
where justified by the need to protect safety of life services.

5. Member States shall regularly review the necessity of the
restrictions and measures referred to in paragraphs 3 and 4 and shall
make the results of these reviews public.

6. Paragraphs 3 and 4 shall apply to the allocation and assignment of
radio frequencies after [date of transposition].

Amendment 98 --[modifier]

  • Article 2 – point 6 a (new) amending Directive 2002/19/EC Article 9 – paragraph 1
(6a) In Article 9, paragraph 1 is replaced by the following:

"1. National regulatory authorities may, in accordance with the
provisions of Article 8, impose obligations for transparency in
relation to interconnection and/or access, requiring operators to
make public specified information, such as accounting information,
technical specifications, network characteristics, restrictions on
access to services and applications, traffic management policies,
terms and conditions for supply and use, and prices."

Amendment 100 --[modifier]

  • Article 2 – point 8 amending Directive 2002/19/EC Article 12
1. A national regulatory authority may, in accordance with the
provisions of Article 8, impose obligations on operators to meet
reasonable requests for access to, and use of, specific network
elements and associated facilities, inter alia in situations where
the national regulatory authority considers that denial of access or
unreasonable terms and conditions having a similar effect would
hinder the emergence of a sustainable competitive market at the
retail level, or would not be in the end-user's interest.

Operators shall be required inter alia:

(a) to give third parties access to specified network elements and/or
facilities, including unbundled access to the local loop;

(b) to negotiate in good faith with undertakings requesting access;

(c) not to withdraw access to facilities already granted;

(d) to provide specified services on a wholesale basis for resale by
third parties;

(e) to grant open access to technical interfaces, protocols or other
key technologies that are indispensable for the interoperability of
services or virtual network services;

(f) to provide co-location or other forms of facility sharing,
including the sharing of ducts, buildings or entry to buildings,
antennae towers and other supporting constructions, masts, manholes,
cabinets and other network elements which are not active;

(fa) to provide third parties with a reference offer for the granting
of access to ducts;

(g) to provide specified services needed to ensure interoperability
of end-to-end services to users, including facilities for intelligent
network services or roaming on mobile networks;

(h) to provide access to operational support systems or similar
software systems necessary to ensure fair competition in the
provision of services;

(i) to interconnect networks or network facilities;

(j) to provide access to associated services such as identity,
location and presence capability.

National regulatory authorities may attach to those obligations
conditions covering fairness, reasonableness and timeliness.

2. When national regulatory authorities are considering whether to
impose the obligations referred in paragraph 1, and in particular
when assessing whether such obligations would be proportionate to the
objectives set out in Article 8 of Directive 2002/21/EC (Framework
Directive), they shall take account in particular of the following
factors:

(a) the technical and economic viability of using or installing
competing facilities, in the light of the rate of market development,
taking into account the nature and type of interconnection and access
involved, including the viability of other upstream access products
such as access to ducts;

(b) the feasibility of providing the access proposed, in relation to
the capacity available;

(c) the initial investment by the facility owner, bearing in mind any
public investment made and the risks involved in making the
investment, including an appropriate risk-sharing among those
undertakings enjoying access to these new facilities;

(d) the need to safeguard competition in the long term, in particular
infrastructure-based competition

(e) where appropriate, any relevant intellectual property rights;

(f) the provision of pan-European services.

3. When imposing obligations on an operator to provide access in
accordance with the provisions of this Article, national regulatory
authorities may lay down technical or operational conditions to be
met by the provider and/or beneficiaries of such access where
necessary to ensure normal operation of the network.  Obligations to
follow specific technical standards or specifications shall be in
compliance with the standards and specifications laid down in
accordance with Article 17 of Directive 2002/21/EC (Framework
Directive).

Amendment 120 ++[modifier]

  • Annex I – point 3 – point g amending Directive 2002/20/EC Annex I – part A – point 19
19. Compliance with national measures implementing Directive
2001/29/EC of the European Parliament and of the Council and
Directive 2004/48/EC of the European Parliament and of the Council.

Amendment 138 +++[modifier]

  • Article 1 – point 8 – point e a (new) amending Directive 2002/21/EC Article 8 – paragraph 4 – point g a (new) tabled by Guy Bono, Daniel Cohn-Bendit, Zuzana Roithová and others, with oral amendment
(ea) In paragraph 4, point (ga) is added:

"(ga) applying the principle that no restriction may be imposed on
the fundamental rights and freedoms of end-users, notably in
accordance with Article 11 of the Charter of Fundamental Rights of
the European Union on freedom of expression and information, without
a prior ruling by the judicial authorities, save when public security
is threatened where the ruling may be subsequent."

COD/2007/0248 - Harbour report (network user's rights, privacy, consumer protection, ...)[modifier]

Amendment 11 --[modifier]

  • Recital 14
(14) End-users should decide what lawful content they want to be able
to send and receive, and which services, applications, hardware and
software they want to use for such purposes, without prejudice to the
need to preserve the integrity and security of networks and services.
A competitive market with transparent offerings as provided for in
Directive 2002/22/EC should ensure that end-users are able to access
and distribute any lawful content and to use any lawful applications
and/or services of their choice, as stated in Article 8 of Directive
2002/21/EC. Given the increasing importance of electronic
communications for consumers and businesses, users should in any case
be fully informed of any restrictions and/or limitations imposed on
the use of electronic communications services by the service and/or
network provider. Such information should, at the option of the
provider, specify either the type of content, application or service
concerned, or individual applications or services, or both.  Depending
on the technology used and the type of restriction and/or limitation,
such restrictions and/or limitations may require user consent under
Directive 2002/58/EC (Privacy Directive).

Amendment 12 --[modifier]

  • Recital 14 a (new)
(14a) A competitive market should also ensure that users are able to
have the quality of service they require, but in particular cases it
may be necessary to ensure that public communications networks attain
minimum quality levels so as to prevent degradation of service, usage
restrictions and/or limitations and the slowing of traffic.  Where
there is a lack of effective competition, national regulatory
authorities should use the remedies available to them under the
Directives establishing the regulatory framework for electronic
communications networks and services to ensure that users' access to
particular types of content or applications is not unreasonably
restricted. It should also be possible for national regulatory
authorities to issue guidelines setting minimum quality of service
requirements under Directive 2002/22/EC and to take other measures
where such other remedies have, in their judgement, not been
effective with regard to the interests of users and all other
relevant circumstances. Such guidelines or measures could include the
provision of a basic tier of unrestricted services.

Amendment 14 --[modifier]

  • Recital 14 d (new)
(14d) Since inconsistent remedies will significantly impair the
achievement of the internal market, the Commission should assess any
guidelines or other measures adopted by national regulatory
authorities for possible regulatory intervention across the Community
and, if necessary, adopt technical implementing measures in order to
achieve consistent application throughout the Community.

Amendment 27[modifier]

  • (Amendment 2 of the LIBE opinion) Recital 26 b (new)
(26b) When defining the implementing measures on the security of
processing, in accordance with the regulatory procedure with
scrutiny, the Commission should consult all relevant European
authorities and organisations (ENISA, the European Data Protection
Supervisor and the Article 29 Working Party) as well as all other
relevant stakeholders, particularly in order to be informed of the
best available technical and economic methods for improving the
implementation of Directive 2002/58/EC.

Amendment 28[modifier]

  • (Amendment 3 of the LIBE opinion) Recital 26 c (new)
(26c) The provisions of Directive 2002/58/EC particularise and
complement Directive 95/46/EC of the European Parliament and of the
Council of 24 October 1995 on the protection of individuals with
regard to the processing of personal data and on the free movement of
such data [OJ L 281, 23.11.1995, p. 31. Directive as amended by
Regulation (EC) No 1882/2003.] and provide for the legitimate
interests of subscribers who are natural or legal persons.

Amendment 35 --[modifier]

  • (Amendment 10 of the LIBE opinion) Recital 30 b (new)
(30b) When implementing measures transposing Directive 2002/58/EC,
the authorities and courts of the Member States should not only
interpret their national law in a manner consistent with that
Directive, but should also ensure that they do not rely on an
interpretation of that Directive which would be in conflict with
other fundamental rights or general principles of Community law, such
as the principle of proportionality.

Amendment 62 --[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 2 – subparagraph 1 – point (b)
(b) services provided, including in particular:
- where access to emergency services and caller location information
  is to be provided under Article 26, the level of reliability of
  such access, where relevant, and whether access is provided in the
  whole of the national territory,
- information on any restrictions imposed by the provider regarding a
  subscriber's ability to access, use or distribute lawful content or
  run lawful applications and services,
- the service quality levels, with reference to any parameters
  specified under Article 22(2) as appropriate,
- types of maintenance and customer support services offered, as well
  as how to contact customer support,
- the time for the initial connection, and
- any restrictions on the use of terminal equipment imposed by the
  provider;

Amendment 67 --[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 2 – subparagraph 2
The contract shall also include any information provided by the
relevant public authorities on the use of electronic communications
networks and services to engage in unlawful activities or to
disseminate harmful content, and on the means of protection against
risks to personal security, privacy and personal data referred to in
Article 21(4a) and relevant to the service provided.

Amendment 70 ++[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 5
5. Member States shall ensure that where contracts are concluded
between subscribers and undertakings providing electronic
communications services and/or networks, subscribers are clearly
informed in advance of the conclusion of a contract and regularly
thereafter of any limitations imposed by the provider on their
ability to access or distribute lawful content or run any lawful
applications and services of their choice.

Amendment 71 ++[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 6
6. Member States shall ensure that where contracts are concluded
between subscribers and undertakings providing electronic
communications services and/or networks, subscribers are clearly
informed in advance of the conclusion of the contract and regularly
thereafter of their obligations to respect copyright and related
rights. Without prejudice to Directive 2000/31/EC on electronic
commerce, this includes the obligation to inform subscribers of the
most common acts of infringements and their legal consequences.

Amendment 75 --[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 21 – paragraph 4
4. Member States shall ensure that national regulatory authorities
are able to oblige undertakings providing connection to a public
electronic communications network and/or electronic communications
services to inter alia:

(a) provide applicable tariff information to subscribers regarding
any number or service subject to particular pricing conditions; with
respect to individual categories of services national regulatory
authorities may require such information to be provided prior to
connecting the call;

(b) regularly remind subscribers of any lack of reliable access to
emergency services or caller location information in the service they
have subscribed to;

(c) inform subscribers of any change to any restrictions imposed by
the undertaking on their ability to access, use or distribute lawful
content or run lawful applications and services of their choice;

(d) inform subscribers of their right to include their personal data
in a directory, and of the types of data concerned; and

(e) regularly inform disabled subscribers of details of current
products and services aimed at them.

If deemed appropriate, national regulatory authorities may promote
self-or co-regulatory measures prior to imposing any obligation.

Amendment 76 --[modifier]

  • Article 1 – point 12 amending Directive 2002/22/EC Article 21 – paragraph 4 a (new)
4a. Member States shall ensure that national regulatory authorities
oblige the undertakings referred to in paragraph 4 to distribute
public interest information to existing and new subscribers where
appropriate. Such information shall be produced by the relevant
public authorities in a standardised format and shall inter alia
cover the following topics:

(a) the most common uses of electronic communications services to
engage in unlawful activities or to disseminate harmful content,
particularly where it may prejudice respect for the rights and
freedoms of others, including  infringements of copyright and related
right, and their consequences; and

(b) means of protection against risks to personal security, privacy
and personal data in using electronic communications services.
Significant additional costs incurred by an undertaking in complying
with these obligations shall be reimbursed by the relevant public
authorities.

Amendment 101 --[modifier]

  • Article 1 – point 16 amending Directive 2002/22/EC Article 28 – paragraph 2 a (new)
2a. Member States shall ensure that national regulatory authorities
are able to require undertakings providing public communications
networks to provide information regarding the management of their
networks in connection with any limitations or restrictions on
end-user access to or use of services, content or applications.
Member States shall ensure that national regulatory authorities have
all the powers necessary to investigate cases in which undertakings
have imposed limitations on end-user access to services, content or
applications.

Amendment 112 --[modifier]

  • Article 1 – point 20 – point a a (new) amending Directive 2002/22/EC Article 33 – paragraph 2 a (new)
(aa) the following paragraph shall be added:

2a. Without prejudice to national rules in conformity with Community
law promoting cultural and media policy objectives, such as cultural
and linguistic diversity and media pluralism, national regulatory
authorities and other relevant authorities shall as far as
appropriate promote cooperation between undertakings providing
electronic communications networks and/or services and the sectors
interested in the promotion of lawful content in electronic
communication networks and services. That co-operation may also
include coordination of the public interest information to be made
available under Article 21(4a) and Article 20(2).

Amendment 113 -[modifier]

  • Article 1 – point 20 – point b Directive 2002/22/EC Article 33 – paragraph 3 deletion
3. Member States shall submit a yearly report to the Commission and the Authority 
on the measures taken and the progress towards improving interoperability and use of, 
and access to, electronic communications services and terminal equipment by disabled 
end-users.

Amendment 117 --[modifier]

  • Article 1 – point 21 amending Directive 2002/22/EC Article 34 – paragraph 1 – subparagraph 2 a (new)
Member States shall encourage trustworthy out-of-court procedures,
with specific regard to the interaction of audiovisual and electronic
communications.

Amendment 122 --[modifier]

  • (Amendment 19 of the LIBE opinion) Article 2 – point 3 – point a a (new) amending Directive 2002/58/EC Article 4 – paragraphs 1 a and 1 b (new)
(aa) the following paragraphs shall be inserted:

1a. Without prejudice to the provisions of Directive 95/46/EC and
Directive 2006/24/EC of the European Parliament and of the Council of
15 March 2006 on the retention of data generated or processed in
connection with the provision of publicly available electronic
communications services or of public communications networks [OJ L
105, 13.4.2006, p. 54.], these measures shall include:

- appropriate technical and organisational measures to ensure that
  personal data can be accessed only by authorised personnel for
  legally authorised purposes and to protect personal data stored or
  transmitted against accidental or unlawful destruction, accidental
  loss or alteration and unauthorised or unlawful storage,
  processing, access or disclosure;

- appropriate technical and organisational measures to protect the
  network and services against accidental, unlawful or unauthorised
  usage or interference with or hindering of their functioning or
  availability;

- a security policy with respect to the processing of personal data;

- a process for identifying and assessing reasonably foreseeable
  vulnerabilities in the systems maintained by the provider of
  electronic communications services, which shall include regular
  monitoring for security breaches; and

- a process for taking preventive, corrective and mitigating action
  against any vulnerabilities discovered in the process described
  under the fourth indent  and a process for taking preventive,
  corrective and mitigating action against security incidents that
  can lead to a security breach.

1b. National regulatory authorities shall be able to audit the
measures taken by providers of publicly available electronic
communication services and information society services and to issue
recommendations about best practices and performance indicators
concerning the level of security which these measures should achieve.

Amendment 124 -[modifier]

  • (Amendment 21 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 a (new)
3a. The competent authority shall consider and determine the
seriousness of the breach. If the breach is deemed to be serious, the
competent authority shall require the provider of publicly available
electronic communications services and the provider of information
society services to give an appropriate notification without undue
delay to the persons affected by the breach. The notification shall
contain the elements described in paragraph 3.

The notification of a serious breach may be postponed in cases where
the notification may hinder the progress of a criminal investigation
related to the serious breach.

Providers shall annually notify affected users of all breaches of
security that have led to the accidental or unlawful destruction,
loss or alteration or the unauthorised disclosure of or access to
personal data transmitted, stored or otherwise processed in
connection with the provision of publicly available communications
services in the Community.

National regulatory authorities shall also monitor whether companies
have complied with their notification obligations under this Article
and impose appropriate sanctions, including publication, as
appropriate, in the event of a failure to do so.

Amendment 125 -[modifier]

  • (Amendment 22 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 b (new)
3b. The seriousness of a breach requiring notification to subscribers
shall be determined according to the circumstances of the breach,
such as the risk to the personal data affected by the breach, the
type of data affected by the breach, the number of subscribers
involved, and the immediate or potential impact of the breach on the
provision of services.

Amendment 127[modifier]

  • (Amendment 24 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 4 – subparagraph 1
4. In order to ensure consistency in implementation of the measures
referred to in paragraphs 1, 2, 3, 3a, 3b and 3c, the Commission
shall, following consultation with the European Data Protection
Supervisor, relevant stakeholders and ENISA, recommend technical
implementing measures concerning inter alia the measures described in
paragraph 1a and the circumstances, format and procedures applicable
to information and notification requirements referred to in
paragraphs 3a and 3b.

The Commission shall involve all relevant stakeholders, particularly
in order to be informed of the best available technical and economic
methods for improving the implementation of this Directive.

Amendment 135 +[modifier]

  • (Amendment 33 of the LIBE opinion) Article 2 – point 5 b(new) amending Directive 2002/58/EC Article 14 – paragraph 3
(5b) Article 14(3) shall be replaced by the following:

"3. Where required, measures may be adopted to ensure that terminal
equipment is constructed in a way that is compatible with the right
of users to protect and control the use of their personal data, in
accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of
22 December 1986 on standardisation in the field of information
technology and communications. Such measures shall respect the
principle of technology neutrality."

Amendment 157 ++[modifier]

  • Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by IND/DEM
(bb) Protection software
 
Member States shall ensure that national regulatory authorities are
able to require operators to make available free of charge to their
subscribers reliable, easy-to-use, and freely and fully configurable
protection and/or filtering software to prevent access by children or
vulnerable people to content unsuitable to them.

Traffic monitoring data that this software may collect is for the
sole use of the subscriber only.

Amendment 163 ++[modifier]

  • Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by GUE/NGL
(bb) Protection software
 
Member States shall ensure that national regulatory authorities are
able to require operators to make available free of charge to their
subscribers reliable, easy-to-use, and freely and fully configurable
protection and/or filtering software to prevent access by children or
vulnerable people to content unsuitable to them.

Traffic monitoring data that this software may collect is for the
sole use of the subscriber only.

Amendment 166 ++[modifier]

  • Article 1 – point 19 a (new) amending Directive 2002/22/EC Article 32 a (new) tabled by GUE/NGL
Article 32a ACCESS TO CONTENT, SERVICES AND APPLICATIONS

Member States shall ensure that any restrictions to users' rights to
access content, services and applications, if they are necessary,
shall be implemented by appropriate measures, in accordance with the
principles of proportionality, effectiveness and dissuasiveness.
These measures shall not have the effect of hindering the development
of the information society, in compliance with the Directive
2000/31/EC, and shall not conflict with citizens' fundamental rights,
including the right to privacy and the right to due process.

Amendment 174 ++[modifier]

  • Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by Verts/ALE
(bb) Protection software

Member States shall ensure that national regulatory authorities are
able to require operators to make available free of charge to their
subscribers reliable, easy-to-use and freely and fully configurable
protection and/or filtering software to prevent access by children or
vulnerable people to content unsuitable to them. Traffic monitoring
data that this software may collect is for the sole use of the
subscriber only.

Amendment 180 +[modifier]

  • Recital 26 a (new) compromise tabled by PPE-DE, PSE and ALDE
(26a) The processing of traffic data for network and information
security purposes, ensuring the availability, authenticity, integrity
and confidentiality of stored or transmitted data will enable the
processing of such data for the legitimate interest of the data
controller for the purpose of preventing unauthorized access and
malicious code distribution, stopping the denial of service attacks,
and damages to computer and electronic communication systems. The
European Network and Information Security Agency (ENISA) should
publish regular studies with the purpose of illustrating the types of
processing allowed under Article 6 of this Directive.

Amendment 181 +[modifier]

  • Article 2 – point 4 b (new) amending Directive 2002/58/EC Article 6 – paragraph 6a (new) compromise tabled by PPE-DE, PSE and ALDE
(4b) in Article 6, the following paragraph shall be added:

"6a. Without prejudice to compliance with the provisions other than
Article 7 of Directive 95/46/EC and Article 5 of this Directive,
traffic data may be processed  for the legitimate interest of the
data controller for the purpose of implementing technical measures to
ensure the network and information security, as defined by Article 4
(c) of Regulation (EC) 460/2004 of the European Parliament and of the
Council of 10 March 2004 establishing the European Network and
Information Security Agency [OJ L 77, 13.3.2004, p. 1.], of a public
electronic communication service, a public or private electronic
communications network, an information society service or related
terminal and electronic communication equipment, except where such
interests are overridden by the interests for the fundamental rights
and freedoms of the data subject. Such processing must be restricted
to that which is strictly necessary for the purposes of such security
activity."

Amendment 182 --[modifier]

  • Recital 28 compromise tabled by ALDE, PPE-DE and PSE
(28) Technological progress allows the development of new
applications based on devices for data collection and identification,
which may be contactless devices using radio frequencies. For
example, Radio Frequency Identification Devices (RFID) use radio
frequencies to capture data from uniquely identified tags, which can
then be transferred over existing communications networks. The wide
use of such technologies can bring considerable economic and social
benefits and thus make a powerful contribution to the internal market
if their use is acceptable to citizens. To achieve that, it is
necessary to ensure that all the fundamental rights of individuals,
including the right to privacy and data protection, are safeguarded.
When such devices are connected to publicly available electronic
communications networks or make use of electronic communications
services as a basic infrastructure, the relevant provisions of
Directive 2002/58/EC, including those on security, traffic and
location data and on confidentiality, should apply.

Amendment 183 -[modifier]

  • Recital 29 compromise tabled by ALDE, PPE-DE and PSE
(29) A breach of security resulting in the loss or compromising
personal data of a subscriber or individual may, if not addressed in
an adequate and timely manner, result in substantial harm to users.
Therefore, the national regulatory authority or other competent
national authority should be notified by the relevant service
provider of every security breach without delay. The competent
authority should determine the seriousness of the breach and should
require the relevant service providers to give an appropriate
notification without undue delay to the persons affected by the
breach, as appropriate. Furthermore, and in cases where there is
an imminent and direct danger for consumers' rights and interests
(such as in cases of unauthorized access to the content of e-mails,
access to credit card records, etc.), the relevant service providers
should, in addition to the competent national authorities,
immediately notify affected users directly. Finally, providers should
annually notify affected users of all breaches of security under this
Directive that occurred during the relevant time period.  The
notification to the national authorities and to users should include
information about measures taken by the provider to address the
breach, as well as recommendations for the protection of the users
affected.

Amendment 184 -[modifier]

  • Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3, subparagraph 1a (new) compromise tabled by ALDE, PPE-DE and PSE
Notification of a security breach to a subscriber or individual shall
not be required if the provider has demonstrated to the competent
authority that it has implemented appropriate technological
protection measures, and those measures were applied to the data
concerned by the security breach. Such technological protection
measures shall render the data unintelligible to any person who is
not authorized to access the data.

Amendment 185[modifier]

  • Recital 27 a (new) compromise tabled by ALDE, PPE-DE and PSE
(27a) IP addresses are essential to the working of the internet.  They
identify network participating devices, such as computers or mobile
smart devices  by a number.  Considering the different scenarios in
which IP addresses are used, and the related technologies which are
rapidly evolving, questions have arisen about their use as personal
data in certain circumstances.  The Commission should
therefore conduct a study regarding IP addresses and their
use and present such proposals as may be appropriate.

Amendment 186 ++[modifier]

  • Article 2 – point 7 a (new) amending Directive 2002/58/EC Article 18 – paragraph 1 a (new) compromise tabled by ALDE, PPE-DE and PSE
7a)The following paragraph is added to Article 18:

"No later than two years from the date of entry into force of
Directive 2008/.../EC [amending Directive 2002/22/EC on universal
service and users’ rights relating to electronic communications
networks, Directive 2002/58/EC concerning the processing of personal
data and the protection of privacy in the electronic communications
sector and Regulation (EC) No 2006/2004 on consumer protection
cooperation], the Commission shall submit to the European Parliament,
the Council and the European Economic and Social Committee a report,
based on an in-depth study, with recommendations on standard uses of
IP addresses and the application of the ePrivacy and Data Protection
Directives as regards their collection and further processing,
following the consultation of the EDPS, the Article 29 Working Party,
and other stakeholders to include industry representatives."

Amendment 187 +[modifier]

  • Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 compromise tabled by ALDE, PPE-DE and PSE
3. In case of a breach of security leading to the accidental or
unlawful destruction, loss, alteration, unauthorised disclosure of or
access to personal data transmitted, stored or otherwise processed in
connection with the provision of publicly available communications
services in the Community, the provider of publicly available
electronic communications services, as well as any undertaking
operating on the internet and providing services to consumers, which
is the data controller and the provider of information society
services shall, without undue delay, notify the national regulatory
authority or the competent authority according to the individual law
of the Member State of such a breach. The notification to the
competent authority shall at least describe the nature of the breach
and recommend measures to mitigate its possible negative effects. The
notification to the competent authority shall, in addition, describe
the consequences of and the measures taken by the provider to address
the breach.

The provider of publicly available electronic communications
services, as well as any undertaking operating on the Internet and
providing services to consumers, which is the data controller and the
provider of information society services, shall notify their users
beforehand to avoid imminent and direct danger to the rights and
interests of consumers.

Amendment 190 -[modifier]

  • Recital 14 c (new) compromise tabled by ALDE, PPE-DE and PSE replace Amendment 13
(14c) Directive 2002/22/EC is without prejudice to reasonable and
non-discriminatory network management by providers.

Amendment 191 -[modifier]

  • Recital 12 c (new) compromise tabled by ALDE, PPE-DE and PSE replace Amendment 9
(12c) In order to address public interest issues with respect to the
use of communications services, and to encourage protection of the
rights and freedoms of others, the relevant national authorities
should be able to produce and have disseminated, with the aid of
providers, public interest information related to the use of
communications services. This information should include public
interest warnings regarding copyright infringement, other unlawful
uses and dissemination of harmful content, and advice and means of
protection against risks to personal security, which may for example
arise from disclosure of personal information in certain
circumstances, privacy and personal data. The information could be
coordinated by way of the cooperation procedure established in
Article 33(2a) of Directive 2002/22/EC. Such public interest
information should be updated whenever necessary and it should be
presented in easily comprehensible printed and electronic formats, as
determined by each Member State, and on national public authority
websites. National regulatory authorities should be able to oblige
providers to disseminate this standardised information to all their
customers in a manner deemed appropriate by the national regulatory
authorities. Significant additional costs incurred by service
providers for dissemination of such information should be agreed
between the providers and the relevant authorities and met by those
authorities. The information should also be included in contracts.

Amendment 192[modifier]

  • Recital 25 compromise tabled by ALDE, PPE-DE and PSE
(25) In order to overcome existing shortcomings in terms of consumer
consultation and appropriately address the interests of citizens,
Member States should put in place appropriate consultation
mechanisms. Such mechanisms could take the form of a body which
would, independently from the national regulatory authority as well
as from service providers, carry out research on consumer-related
issues, such as consumer behaviour and mechanisms for changing
suppliers, and which would operate in a transparent manner and
contribute to the existing mechanisms for stakeholders’ consultation.
Furthermore, a mechanism should be established for the purpose of
enabling appropriate cooperation on issues relating to the promotion
of lawful content. Any cooperation procedures agreed pursuant to such
a mechanism should however not allow for systematic surveillance of
internet usage. Where there is a need to address the facilitation of
the access to and use of electronic communications services and
terminal equipment for disabled users, and without prejudice to
Directive 1999/5/EC of the European Parliament and of the Council of
9 March 1999 on radio equipment and telecommunications terminal
equipment and the mutual recognition of their conformity and in
particular the disability requirements pursuant to its Article
3(3)(f), the Commission should be able to adopt implementing
measures.

Amendment 193 -[modifier]

  • Article 1 – point 13 – point b amending Directive 2002/22/EC Article 22 – paragraph 3 compromise tabled by ALDE, PPE-DE and PSE replace Amendment 81
3. A national regulatory authority may issue guidelines setting
minimum quality of service requirements, and, if appropriate, take
other measures, in order to prevent degradation of service and
slowing of traffic over networks, and to ensure that the ability of
users to access or distribute content or to run applications and
services of their choice is not unreasonably restricted.  Those
guidelines or measures shall take due account of any standards issued
under Article 17 of Directive 2002/21/EC (Framework Directive).

The Commission may, having examined such guidelines or measures and
consulted [xxx], adopt technical implementing measures in that regard
if it considers that the guidelines or measures may create a barrier
to the internal market. Those measures designed to amend
non-essential elements of this Directive by supplementing it shall be
adopted in accordance with the regulatory procedure with scrutiny
referred to in Article 37(2).

Amendment 194 --[modifier]

  • Recital 14 b (new) compromise tabled by PPE-DE and PSE
(14b) In the absence of relevant rules of Community law, content,
applications and services are deemed lawful or harmful in accordance
with national substantive and procedural law. It is a task for the
relevant authorities of the Member States, not for providers of
electronic communications networks or services, to decide, in
accordance with due process, whether content, applications or
services are lawful or harmful or not. Directive 2002/22/EC is
without prejudice to Directive 2000/31/EC (Directive on electronic
commerce), which inter alia contains a "mere conduit" rule for
intermediary service providers. Directive 2002/22/EC does not require
providers to monitor information transmitted over their networks or
to take punitive action or legal prosecution against their customers
due to such information, nor does it make providers liable for the
information. Responsibility for any such punitive action or legal
prosecution remains with the relevant law enforcement authorities.