Telecoms Package Diff Commission Initial Proposal Parliament Second Reading

From La Quadrature du Net
Revision as of 18:36, 23 September 2009 by Gibus (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search


Telecoms Package: Evolution European Commission Initial Proposal -> European Parliament Second Reading − 2007-11-13 -> 2009-05-06

Contents

Proposal for a Directive of the European Parliament and of the Council amending Directives 2002/21/EC on a common regulatory framework for electronic communications networks and services, 2002/19/EC on access to, and interconnection of, electronic communications networks and services, and 2002/20/EC on the authorisation of electronic communications networks and services (COD/2007/0247)

Directive on access to, and interconnection of, electronic communications networks and associated facilities (Access 2002/19/EC)

Article 9
European Commission Initial Proposal European Parliament Second Reading
Article 9 − Obligation of transparency Article 9 − Obligation of transparency
1. National regulatory authorities may, in accordance with the provisions of Article 8, impose obligations for transparency in relation to interconnection and/or access, requiring operators to make public specified information, such as accounting information, technical specifications, network characteristics, terms and conditions for supply and use, and prices. 1. National regulatory authorities may, in accordance with the provisions of Article 8, impose obligations for transparency in relation to interconnection and/or access, requiring operators to make public specified information, such as accounting information, technical specifications, network characteristics, terms and conditions for supply and use, including any conditions limiting access to and/or use of services and applications where such conditions are allowed by Member states in conformity with Community law, and prices.
2. In particular where an operator has obligations of non-discrimination, national regulatory authorities may require that operator to publish a reference offer, which shall be sufficiently unbundled to ensure that undertakings are not required to pay for facilities which are not necessary for the service requested, giving a description of the relevant offerings broken down into components according to market needs, and the associated terms and conditions including prices. The national regulatory authority shall, inter alia, be able to impose changes to reference offers to give effect to obligations imposed under this Directive. 2. In particular where an operator has obligations of non-discrimination, national regulatory authorities may require that operator to publish a reference offer, which shall be sufficiently unbundled to ensure that undertakings are not required to pay for facilities which are not necessary for the service requested, giving a description of the relevant offerings broken down into components according to market needs, and the associated terms and conditions including prices. The national regulatory authority shall, inter alia, be able to impose changes to reference offers to give effect to obligations imposed under this Directive.
3. National regulatory authorities may specify the precise information to be made available, the level of detail required and the manner of publication. 3. National regulatory authorities may specify the precise information to be made available, the level of detail required and the manner of publication.
4. Notwithstanding paragraph 3, where an operator has obligations under Article 12 concerning unbundled access to the twisted metallic pair local loop, national regulatory authorities shall ensure the publication of a reference offer containing at least the elements set out in Annex II. 4. Notwithstanding paragraph 3, where an operator has obligations under Article 12 concerning wholesale network infrastructure access, national regulatory authorities shall ensure the publication of a reference offer containing at least the elements set out in Annex II.
5. The Commission may adopt the necessary amendments to Annex II in order to adapt it to technological and market developments. The measures, designed to amend non-essential elements of this Directive, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14(3). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 14(4). In implementing the provisions of this paragraph, the Commission may be assisted by the Authority. 5. The Commission may adopt the necessary amendments to Annex II in order to adapt it to technological and market developments. The measures, designed to amend non-essential elements of this Directive, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14(3). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 14(4). In implementing the provisions of this paragraph, the Commission may be assisted by BEREC.
Article 12
European Commission Initial Proposal European Parliament Second Reading
Article 12 − Obligations of access to, and use of, specific network facilities Article 12 − Obligations of access to, and use of, specific network facilities
1. A national regulatory authority may, in accordance with the provisions of Article 8, impose obligations on operators to meet reasonable requests for access to, and use of, specific network elements and associated facilities, inter alia in situations where the national regulatory authority considers that denial of access or unreasonable terms and conditions having a similar effect would hinder the emergence of a sustainable competitive market at the retail level, or would not be in the end-user's interest. 1. A national regulatory authority may, in accordance with the provisions of Article 8, impose obligations on operators to meet reasonable requests for access to, and use of, specific network elements and associated facilities, inter alia in situations where the national regulatory authority considers that denial of access or unreasonable terms and conditions having a similar effect would hinder the emergence of a sustainable competitive market at the retail level, or would not be in the end-user's interest.
Operators may be required inter alia: Operators may be required inter alia:
(a) to give third parties access to specified network elements and/or facilities, including unbundled access to the local loop; (a) to give third parties access to specified network elements and/or facilities, including access to network elements which are not active and/or unbundled access to the local loop, to inter alia allow carrier selection and/or pre-selection and/or subscriber line resale offer;
(b) to negotiate in good faith with undertakings requesting access; (b) to negotiate in good faith with undertakings requesting access;
(c) not to withdraw access to facilities already granted; (c) not to withdraw access to facilities already granted;
(d) to provide specified services on a wholesale basis for resale by third parties; (d) to provide specified services on a wholesale basis for resale by third parties;
(e) to grant open access to technical interfaces, protocols or other key technologies that are indispensable for the interoperability of services or virtual network services; (e) to grant open access to technical interfaces, protocols or other key technologies that are indispensable for the interoperability of services or virtual network services;
(f) to provide co-location or other forms of facility sharing, including the sharing of ducts, buildings or entry to buildings, antennae or masts, manholes and street cabinets; (f) to provide co-location or other forms of associated facilities sharing;
(g) to provide specified services needed to ensure interoperability of end-to-end services to users, including facilities for intelligent network services or roaming on mobile networks; (g) to provide specified services needed to ensure interoperability of end-to-end services to users, including facilities for intelligent network services or roaming on mobile networks;
(h) to provide access to operational support systems or similar software systems necessary to ensure fair competition in the provision of services; (h) to provide access to operational support systems or similar software systems necessary to ensure fair competition in the provision of services;
(i) to interconnect networks or network facilities; (i) to interconnect networks or network facilities;
(j) to provide access to associated services such as identity, location and presence capability. (j) to provide access to associated services such as identity, location and presence service.
National regulatory authorities may attach to those obligations conditions covering fairness, reasonableness and timeliness. National regulatory authorities may attach to those obligations conditions covering fairness, reasonableness and timeliness.
2. When national regulatory authorities are considering whether to impose the obligations referred in paragraph 1, and in particular when assessing whether such obligations would be proportionate to the objectives set out in Article 8 of Directive 2002/21/EC (Framework Directive), they shall take account in particular of the following factors: 2. When national regulatory authorities are considering whether to impose the obligations referred in paragraph 1, and in particular when assessing how such obligations would be imposed proportionate to the objectives set out in Article 8 of Directive 2002/21/EC (Framework Directive), they shall take account in particular of the following factors:
(a) the technical and economic viability of using or installing competing facilities, in the light of the rate of market development, taking into account the nature and type of interconnection and access involved; (a) the technical and economic viability of using or installing competing facilities, in the light of the rate of market development, taking into account the nature and type of interconnection and/or access involved, including the viability of other upstream access products such as access to ducts;
(b) the feasibility of providing the access proposed, in relation to the capacity available; (b) the feasibility of providing the access proposed, in relation to the capacity available;
(c) the initial investment by the facility owner, bearing in mind the risks involved in making the investment; (c) the initial investment by the facility owner, bearing in mind any public investment made and the risks involved in making the investment;
(d) the need to safeguard competition in the long term; (d) the need to safeguard competition in the long term, with particular attention to economically efficient infrastructure-based competition;
(e) where appropriate, any relevant intellectual property rights; (e) where appropriate, any relevant intellectual property rights;
(f) the provision of pan-European services. (f) the provision of pan-European services.
3. When imposing obligations on an operator to provide access in accordance with the provisions of this Article, national regulatory authorities may lay down technical or operational conditions to be met by the provider and/or beneficiaries of such access where necessary to ensure normal operation of the network. Obligations to follow specific technical standards or specifications shall be in compliance with the standards and specifications laid down in accordance with Article 17(1) of Directive 2002/21/EC (Framework Directive). 3. When imposing obligations on an operator to provide access in accordance with the provisions of this Article, national regulatory authorities may lay down technical or operational conditions to be met by the provider and/or beneficiaries of such access where necessary to ensure normal operation of the network. Obligations to follow specific technical standards or specifications shall be in compliance with the standards and specifications laid down in accordance with Article 17 of Directive 2002/21/EC (Framework Directive).

Directive on the authorisation of electronic communications networks and services (Authorisation 2002/20/EC)

Annex I
European Commission Initial Proposal European Parliament Second Reading
A. Conditions which may be attached to a general authorisation A. Conditions which may be attached to a general authorisation
19. Compliance with national measures implementing Directive 2001/29/EC of the European Parliament and of the Council (OJ L 167, 22.6.2001, p. 10.) and Directive 2004/48/EC of the European Parliament and of the Council (OJ L 157, 30.4.2004, p. 45.). 19. Transparency obligations on public communications network providers providing electronic communications services available to the public to ensure end-to-end connectivity, in conformity with national measures implementing Directive 2001/29/EC of the objectives and principles set out in Article 8 of the Council (OJ L 167, 22.6.2001, p. 10.) and Directive 2002/21/EC (Framework Directive), disclosure regarding any conditions limiting access to and/or use of services and applications where such conditions are allowed by Member States in conformity with Community law, and, where necessary and proportionate, access by national regulatory authorities to such information needed to verify the accuracy of such disclosure.

Directive on a common regulatory framework for electronic communications networks and services (Framework 2002/21/EC)

Article 8
European Commission Initial Proposal European Parliament Second Reading
Article 8 − Policy objectives and regulatory principles Article 8 − Policy objectives and regulatory principles
1. Member States shall ensure that in carrying out the regulatory tasks specified in this Directive and the Specific Directives, the national regulatory authorities take all reasonable measures which are aimed at achieving the objectives set out in paragraphs 2, 3 and 4. Such measures shall be proportionate to those objectives. 1. Member States shall ensure that in carrying out the regulatory tasks specified in this Directive and the Specific Directives, the national regulatory authorities take all reasonable measures which are aimed at achieving the objectives set out in paragraphs 2, 3 and 4. Such measures shall be proportionate to those objectives.
Unless otherwise provided in Article 9 regarding radio frequencies, Member States shall take the utmost account of the desirability of making regulations technologically neutral and shall ensure that, in carrying out the regulatory tasks specified in this Directive and the Specific Directives, in particular those designed to ensure effective competition, national regulatory authorities do likewise. Unless otherwise provided for in Article 9 regarding radio frequencies, Member States shall take the utmost account of the desirability of making regulations technologically neutral and shall ensure that, in carrying out the regulatory tasks specified in this Directive and the Specific Directives, in particular those designed to ensure effective competition, national regulatory authorities do likewise.
National regulatory authorities may contribute within their competencies to ensuring the implementation of policies aimed at the promotion of cultural and linguistic diversity, as well as media pluralism. National regulatory authorities may contribute within their competencies to ensuring the implementation of policies aimed at the promotion of cultural and linguistic diversity, as well as media pluralism.
2. The national regulatory authorities shall promote competition in the provision of electronic communications networks, electronic communications services and associated facilities and services by inter alia: 2. The national regulatory authorities shall promote competition in the provision of electronic communications networks, electronic communications services and associated facilities and services by inter alia:
(a) ensuring that users, including disabled users, elderly users, and users with special social needs derive maximum benefit in terms of choice, price, and quality; (a) ensuring that users, including disabled users, elderly users, and users with special social needs derive maximum benefit in terms of choice, price, and quality;
(b) ensuring that there is no distortion or restriction of competition in the electronic communications sector, in particular for the delivery of content; (b) ensuring that there is no distortion or restriction of competition in the electronic communications sector, including for the transmission of content;
(c) encouraging efficient investment in infrastructure, and promoting innovation; and (c) encouraging efficient investment in infrastructure, and promoting innovation; and
(d) encouraging efficient use and ensuring the effective management of radio frequencies and numbering resources. (d) encouraging efficient use and ensuring the effective management of radio frequencies and numbering resources.
3. The national regulatory authorities shall contribute to the development of the internal market by inter alia: 3. The national regulatory authorities shall contribute to the development of the internal market by inter alia:
(a) removing remaining obstacles to the provision of electronic communications networks, associated facilities and services and electronic communications services at European level; (a) removing remaining obstacles to the provision of electronic communications networks, associated facilities and services and electronic communications services at European level;
(b) encouraging the establishment and development of trans-European networks and the interoperability of pan-European services, and end-to-end connectivity; (b) encouraging the establishment and development of trans-European networks and the interoperability of pan-European services, and end-to-end connectivity;
(c) ensuring that, in similar circumstances, there is no discrimination in the treatment of undertakings providing electronic communications networks and services; (c) ensuring that, in similar circumstances, there is no discrimination in the treatment of undertakings providing electronic communications networks and services;
(d) working with the Commission and the Authority so as to ensure the development of consistent regulatory practice and the consistent application of this Directive and the Specific Directives. (d) cooperating with each other, with the Commission and BEREC so as to ensure the development of consistent regulatory practice and the consistent application of this Directive and the Specific Directives.
4. The national regulatory authorities shall promote the interests of the citizens of the European Union by inter alia: 4. The national regulatory authorities shall promote the interests of the citizens of the European Union by inter alia:
(a) ensuring all citizens have access to a universal service specified in Directive 2002/22/EC (Universal Service Directive); (a) ensuring all citizens have access to a universal service specified in Directive 2002/22/EC (Universal Service Directive);
(b) ensuring a high level of protection for consumers in their dealings with suppliers, in particular by ensuring the availability of simple and inexpensive dispute resolution procedures carried out by a body that is independent of the parties involved; (b) ensuring a high level of protection for consumers in their dealings with suppliers, in particular by ensuring the availability of simple and inexpensive dispute resolution procedures carried out by a body that is independent of the parties involved;
(c) contributing to ensuring a high level of protection of personal data and privacy; (c) contributing to ensuring a high level of protection of personal data and privacy;
(d) promoting the provision of clear information, in particular requiring transparency of tariffs and conditions for using publicly available electronic communications services; (d) promoting the provision of clear information, in particular requiring transparency of tariffs and conditions for using publicly available electronic communications services;
(e) addressing the needs of specific social groups, in particular disabled users, elderly users and users with special social needs; (e) addressing the needs of specific social groups, in particular disabled users, elderly users and users with special social needs;
(f) ensuring that the integrity and security of public communications networks are maintained; and (f) ensuring that the integrity and security of public communications networks are maintained;
(g) applying the principle that end-users should be able to access and distribute any lawful content and use any lawful applications and/or services of their choice. (g) promoting the ability of end-users should be able to access and distribute information or run applications and services of their choice;
(h) applying the principle that no restriction may be imposed on the fundamental rights and freedoms of end-users, without a prior ruling by the judicial authorities, notably in accordance with Article 11 of the Charter of Fundamental Rights of the European Union on freedom of expression and information, save when public security is threatened in which case the ruling may be subsequent.
' ''(3a) Recognising that the internet is essential for education and for the practical exercise of freedom of expression and access to information, any restriction imposed on the exercise of these fundamental rights should be in accordance with the European Convention for the Protection of Human Rights and Fundamental Freedoms. Concerning those issues, the Commission should start a wide public consultation.''
5. The national regulatory authorities shall, in pursuit of the policy objectives referred to in paragraphs 2, 3 and 4, apply objective, transparent, non-discriminatory and proportionate regulatory principles by, inter alia:
(a) promoting regulatory predictability by ensuring a consistent regulatory approach over appropriate review periods;
(b) ensuring that, in similar circumstances, there is no discrimination in the treatment of undertakings providing electronic communications networks and services;
(c) safeguarding competition to the benefit of consumers and promoting, where appropriate, infrastructure-based competition;
(d) promoting efficient investment and innovation in new and enhanced infrastructures, including by ensuring that any access obligation takes appropriate account of the risk incurred by the investing undertakings and by permitting various cooperative arrangements between investors and parties seeking access to diversify the risk of investment, whilst ensuring that competition in the market and the principle of non-discrimination are preserved;
(e) taking due account of the variety of conditions relating to competition and consumers that exist in the various geographic areas within a Member State;
(f) imposing ex ante regulatory obligations only where there is no effective and sustainable competition and relaxing or lifting such obligations as soon as that condition is fulfilled.
Article 9
European Commission Initial Proposal European Parliament Second Reading
Article 9 − Management of radio frequencies for electronic communications services Article 9 − Management of radio frequencies for electronic communications services
1. Member States shall ensure the effective management of radio frequencies for electronic communication services in their territory in accordance with Article 8. They shall ensure that the allocation and assignment of such radio frequencies by national regulatory authorities are based on objective, transparent, non-discriminatory and proportionate criteria. 1. Taking due account of the fact that radio frequencies are a public good that has an important social, cultural and economic value, Member States shall ensure the effective management of radio frequencies for electronic communication services in their territory in accordance with Articles 8 and 8a. They shall ensure that spectrum allocation used for electronic communications services and issuing general authorisations or individual rights of use of such radio frequencies by competent national regulatory authorities are based on objective, transparent, non-discriminatory and proportionate criteria. In applying this Article, Member States shall respect relevant international agreements, including the ITU Radio Regulations, and may take public policy considerations into account.
2. Member States shall promote the harmonisation of use of radio frequencies across the Community, consistent with the need to ensure effective and efficient use thereof and in accordance with Decision No 676/2002/EC (Radio Spectrum Decision). 2. Member States shall promote the harmonisation of the use of radio frequencies across the Community, consistent with the need to ensure effective and efficient use thereof and in pursuit of benefits for the consumer such as economies of scale and interoperability of services. In so doing, they shall act in accordance with Article 8a and Decision No 676/2002/EC (Radio Spectrum Decision).
3. Unless otherwise provided in the second subparagraph or in the measures adopted pursuant to Article 9c, Member States shall ensure that all types of radio network or wireless access technology may be used in the radio frequency bands open to electronic communications services. 3. Unless otherwise provided in the second subparagraph, Member States shall ensure that all types of radio network or wireless access technology used for electronic communications services may be used in the radio frequency bands, declared available for electronic communications services in their National Frequency Allocation Plan in accordance with Community law.
Member States may, however, provide for proportionate and non-discriminatory restrictions to the types of radio network or wireless access technology used where this is necessary to: Member States may, however, provide for proportionate and non-discriminatory restrictions to the types of radio network or wireless access technology used for electronic communications services where this is necessary to:
(a) avoid harmful interference, (a) avoid harmful interference,
(b) protect public health against electromagnetic fields, (b) protect public health against electromagnetic fields,
(c) ensure technical quality of service,
(c) ensure maximisation of radio frequencies sharing where the use of frequencies is subject to a general authorisation, or (d) ensure maximisation of radio frequency sharing,
(e) safeguard efficient use of spectrum, or
(d) comply with a restriction in accordance with paragraph 4 below. (f) ensure the fulfilment of a general interest objective in accordance with paragraph 4.
4. Unless otherwise provided in the second subparagraph or in the measures adopted pursuant to Article 9c, Member States shall ensure that all types of electronic communications services may be provided in the radio frequency bands open to electronic communications. The Member States may, however, provide for proportionate and non-discriminatory restrictions to the types of electronic communications services to be provided. 4. Unless otherwise provided in the second subparagraph, Member States shall ensure that all types of electronic communications services may be provided in the radio frequency bands, declared available for proportionate and non-discriminatory restrictions to the types of electronic communications services in their National Frequency Allocation Plan in accordance with Community law.
Member States may, however, provide for proportionate and non-discriminatory restrictions to the types of electronic communications services to be provided, including, where necessary, to fulfil a requirement under the ITU Radio Regulations.
Restrictions that require a service to be provided in a specific band shall be justified in order to ensure the fulfilment of a general interest objective in conformity with Community law, such as safety of life, the promotion of social, regional or territorial cohesion, the avoidance of inefficient use of radio frequencies, or, as defined in national legislation in conformity with Community law, the promotion of cultural and linguistic diversity and media pluralism. Measures that require an electronic communications service to be provided in a specific band available for electronic communications services shall be justified in order to ensure the fulfilment of a general interest objective in conformity with Community law, such as safety of life, the promotion of social, regional or territorial cohesion, the avoidance of inefficient use of radio frequencies, or, as defined by Member States in national legislation in conformity with Community law, such as, and not limited to:
(a) safety of life,
(b) the promotion of social, regional or territorial cohesion,
(c) the avoidance of inefficient use of radio frequencies, or
(d) the promotion of cultural and linguistic diversity and media pluralism, for example by the provision of radio and television broadcasting services.
A restriction which prohibits the provision of any other service in a specific band may only be provided for where justified by the need to protect safety of life services. A measure which prohibits the provision of any other electronic communications service in a specific band may only be provided for where justified by the need to protect safety of life services. Member States may exceptionally also extend such a measure in order to fulfil other general interest objectives as defined by Member States in accordance with Community law.
5. Member States shall regularly review the necessity of the restrictions referred to in paragraphs 3 and 4. 5. Member States shall regularly review the necessity of the restrictions referred to in paragraphs 3 and 4, and shall make the results of these reviews public.
6. Paragraphs 3 and 4 shall apply to allocation and assignment of radio frequencies after 31 December 2009. 6. Paragraphs 3 and 4 shall apply to spectrum allocated to be used for electronic communications services, general authorisations issued and individual rights of use of radio frequencies granted after ...(The date of transposition of Directive 2009/.../EC [amending Directive 2002/21/EC].).
Spectrum allocations, general authorisations and individual rights of use which existed by ...(The date of transposition of Directive 2009/.../EC [amending Directive 2002/21/EC].) shall be subject to Article 9a.
7. Without prejudice to the provisions of the Specific Directives and taking into account the relevant national circumstances, Member States may lay down rules in order to prevent spectrum hoarding, in particular by setting out strict deadlines for the effective exploitation of the rights of use by the holder of the rights and by applying penalties, including financial penalties or the withdrawal of the rights of use in case of non-compliance with the deadlines. These rules shall be established and applied in a proportionate, non-discriminatory and transparent manner.
Article 9c
European Commission Initial Proposal European Parliament Second Reading
Article 9c − Radio Frequency Management Harmonisation Measures Article 9c − Radio Frequency Management Harmonisation Measures
In order to contribute to the development of the internal market, for the achievement of the principles of this Article, the Commission may adopt appropriate implementing measures to: In order to contribute to the development of the internal market, for the achievement of the principles of this Article, the Commission may adopt appropriate implementing measures to:
(a) harmonise the identification of the bands for which usage rights may be transferred or leased between undertakings; (a) harmonise the identification of the bands for which usage rights may be transferred or leased between undertakings;
(b) harmonise the conditions attached to such rights and the conditions, procedures, limits, restrictions, withdrawals and transitional rules applicable to such transfers or leases; (b) harmonise the conditions attached to such rights and the conditions, procedures, limits, restrictions, withdrawals and transitional rules applicable to such transfers or leases;
(c) harmonise the specific measures to ensure fair competition where individual rights are transferred; (c) harmonise the specific measures to ensure fair competition where individual rights are transferred;
(d) create an exception to the principle of services or technology neutrality, as well as to harmonise the scope and nature of any exceptions to these principles in accordance with Article 9(3) and (4) other than those aimed at ensuring the promotion of cultural and linguistic diversity and media pluralism. (d) create an exception to the principle of services or technology neutrality, as well as to harmonise the scope and nature of any exceptions to these principles in accordance with Article 9(3) and (4) other than those aimed at ensuring the promotion of cultural and linguistic diversity and media pluralism.
These measures designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 22(3). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 22(4). In the implementation of the provisions of this paragraph, the Commission may be assisted by the Authority in accordance with Article 10 Regulation [.../EC]. These measures designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 22(3). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 22(4). In the implementation of the provisions of this paragraph, the Commission may be assisted by the Authority in accordance with Article 10 Regulation [.../EC].
(26) Given the effect of the exceptions on the development of the internal market for electronic communications services, the Commission should be able to harmonise the scope and nature of any exceptions to the principles of technology and service neutrality other than those aimed at ensuring the promotion of cultural and linguistic diversity and media pluralism, having regard to harmonised technical conditions for the availability and efficient use of radio frequencies under Decision No 676/2002/EC of the European Parliament and of the Council of 7 March 2002 on a regulatory framework for radio spectrum policy in the European Community (“Radio Spectrum Decision”) (OJ L 108, 24.4.2002, p. 1.). (26) Given the effect of the exceptions on the development of the internal market for electronic communications services, the Commission should be able to harmonise the scope and nature of any exceptions to the principles of technology and service neutrality other than those aimed at ensuring the promotion of cultural and linguistic diversity and media pluralism, having regard to harmonised technical conditions for the availability and efficient use of radio frequencies under Decision No 676/2002/EC of the European Parliament and of the Council of 7 March 2002 on a regulatory framework for radio spectrum policy in the European Community (“Radio Spectrum Decision”) (OJ L 108, 24.4.2002, p. 1.).

Proposal for a Directive of the European Parliament and of the Council amending Directive 2002/22/EC on universal service and users' rights relating to electronic communications networks, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on consumer protection cooperation (COD/2007/0248)

Directive on universal service and users' rights relating to electronic communications networks and services (Universal Service 2002/22/EC)

Article 20
European Commission Initial Proposal European Parliament Second Reading
Article 20 − Contracts Article 20 − Contracts
1. This Article shall apply without prejudice to Community rules on consumer protection, in particular Directives 93/13/EC and 97/7/EC, and national rules in conformity with Community law. 1. This Article shall apply without prejudice to Community rules on consumer protection, in particular Directives 93/13/EC and 97/7/EC, and national rules in conformity with Community law.
2. Member States shall ensure that, where subscribing to services providing connection to a public communications network and/or publicly available telephone services, consumers have a right to a contract with an undertaking or undertakings providing such services and/or connection. The contract shall specify at least: 1. Member States shall ensure that, when subscribing to services providing connection to a public communications network and/or publicly available electronic communications services, consumers, and other end-users so requesting, have a right to a contract with an undertaking or undertakings providing such connection and/or services. The contract shall specify in a clear, comprehensive and easily accessible form at least:
(a) the identity and address of the supplier; (a) the identity and address of the undertaking;
(b) the services provided, the service quality levels offered, as well as the time for the initial connection; (b) the services provided, including in particular,
- whether or not access to emergency services and caller location information is being provided, and/or any limitations on the provision of emergency services under Article 26,
- information on any other conditions limiting access to and/or use of services and applications, where such conditions are allowed under national law in accordance with Community law,
- the minimum service quality levels offered, namely the time for the initial connection and, where appropriate, other quality of service parameters, as defined by the national regulatory authorities,
- information on any procedures put in place by the undertaking to measure and shape traffic so as to avoid filling or overfilling a network link and on how those procedures could impact on service quality,
- the types of maintenance service offered and customer support services provided, as well as the means of contacting these services,
- any restrictions imposed by the provider on the use of terminal equipment supplied;
(c) the types of maintenance service offered; (c) where an obligation exists under Article 25, the subscriber's options as to whether or not to include his or her personal data in a directory, and the data concerned;
(d) particulars of prices and tariffs and the means by which up-to-date information on all applicable tariffs and maintenance charges may be obtained; (d) details of prices and tariffs, the means by which up-to-date information on all applicable tariffs and maintenance charges may be obtained, payment methods offered and any differences in costs due to payment method;
(e) the duration of the contract and the conditions for renewal and termination of services and of the contract, including:
- any minimum usage required to benefit from promotional terms,
(e) the duration of the contract, the conditions for renewal and termination of services and of the contract, including direct costs for portability of numbers and other identifiers; - any charges related to portability of numbers and other identifiers,
- any charges due on termination of the contract, including cost recovery with respect to terminal equipment;
(f) any compensation and the refund arrangements which apply if contracted service quality levels are not met; (f) any compensation and the refund arrangements which apply if contracted service quality levels are not met;
(g) the method of initiating procedures for settlement of disputes in accordance with Article 34; (g) the means of initiating procedures for the settlement of disputes in accordance with Article 34;
(h) the action that might be taken by the undertaking providing connection and/or services in reaction to security or integrity incidents or threats and vulnerabilities. (h) the type of action that might be taken by the undertaking providing connection and/or services in reaction to security or integrity incidents or threats and vulnerabilities.
Member States may extend these obligations to cover other end-users. Member States may also require that the contract include any information which may be provided by the relevant public authorities for this purpose on the use of electronic communications networks and services to engage in unlawful activities or to disseminate harmful content, and on the means of protection against risks to personal security, privacy and personal data, referred to in Article 21(4)(a) and relevant to the service provided.
3. The information listed in paragraph 2 shall also be included in contracts concluded between consumers and electronic communications services providers other than those providing connection to a public communications network and/or publicly available telephone services. Member States may extend this obligation to cover other end-users. 3. The information listed in paragraph 2 shall also be included in contracts concluded between consumers and electronic communications services providers other than those providing connection to a public communications network and/or publicly available telephone services. Member States may extend this obligation to cover other end-users.
4. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services that allow voice communication, subscribers are clearly informed whether or not access to emergency services is provided. Providers of electronic communications services shall ensure that customers are clearly informed of the lack of access to emergency services in advance of the conclusion of a contract and regularly thereafter. 4. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services that allow voice communication, subscribers are clearly informed whether or not access to emergency services is provided. Providers of electronic communications services shall ensure that customers are clearly informed of the lack of access to emergency services in advance of the conclusion of a contract and regularly thereafter.
5. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of a contract and regularly thereafter of any limitations imposed by the provider on their ability to access or distribute lawful content or run any lawful applications and services of their choice. 5. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of a contract and regularly thereafter of any limitations imposed by the provider on their ability to access or distribute lawful content or run any lawful applications and services of their choice.
6. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of the contract and regularly thereafter of their obligations to respect copyright and related rights. Without prejudice to Directive 2000/31/EC on electronic commerce, this includes the obligation to inform subscribers of the most common acts of infringements and their legal consequences. 6. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of the contract and regularly thereafter of their obligations to respect copyright and related rights. Without prejudice to Directive 2000/31/EC on electronic commerce, this includes the obligation to inform subscribers of the most common acts of infringements and their legal consequences.
7. Subscribers shall have a right to withdraw from their contracts without penalty upon notice of modifications in the contractual conditions proposed by operators. Subscribers shall be given adequate notice, not shorter than one month, ahead of any such modifications and shall be informed at the same time of their right to withdraw, without penalty, from such contracts, if they do not accept the new conditions. 2. Member States shall ensure that subscribers have a right to withdraw from their contract without penalty upon notice of modification to the contractual conditions proposed by the undertakings providing electronic communications networks and/or services. Subscribers shall be given adequate notice, not shorter than one month, ahead of any such modification, and shall be informed at the same time of their right to withdraw, without penalty, from their contract if they do not accept the new conditions. Member States shall ensure that national regulatory authorities are able to specify the format of such notifications.
' ''(20) In order to address public interest issues with respect to the use of communications services and to encourage protection of the rights and freedoms of others, the relevant national authorities should be able to produce and have disseminated, with the aid of providers, public interest information related to the use of such services. This could include public interest information regarding copyright infringement, other unlawful uses and the dissemination of harmful content, and advice and means of protection against risks to personal security, which may for example arise from disclosure of personal information in certain circumstances, as well as risks to privacy and personal data, and the availability of easy-to-use and configurable software or software options allowing protection for children or vulnerable persons. The information could be coordinated by way of the cooperation procedure established in Article 33(3) of Directive 2002/22/EC (Universal Service Directive). Such public interest information should be updated whenever necessary and should be presented in easily comprehensible printed and electronic formats, as determined by each Member State, and on national public authority websites. National regulatory authorities should be able to oblige providers to disseminate this standardised information to all their customers in a manner deemed appropriate by the national regulatory authorities. When required by Member States, the information should also be included in contracts.''
(14) A competitive market should ensure that end-users are able to access and distribute any lawful content and to use any lawful applications and/or services of their choice, as stated in Article 8 of Directive 2002/21/EC. Given the increasing importance of electronic communications for consumers and businesses, users should in any case be fully informed of any restrictions and/or limitations imposed on the use of electronic communications services by the service and/or network provider. Where there is a lack of effective competition, national regulatory authorities should use the remedies available to them in Directive 2002/19/EC to ensure that users' access to particular types of content or applications is not unreasonably restricted. ''(22) End-users should be able to decide what content they want to send and receive, and which services, applications, hardware and software they want to use for such purposes, without prejudice to the need to preserve the integrity and security of networks and services. A competitive market will provide users with a wide choice of content, applications and services. National regulatory authorities should promote users' ability to access and distribute information and to run applications and services of their choice, as stated in Article 8 of Directive 2002/21/EC (Framework Directive). Given the increasing importance of electronic communications for consumers and businesses, users should in any case be fully informed of any limiting conditions imposed on the use of electronic communications services by the service and/or network provider. Such information should, at the option of effective competition, national regulatory authorities should use the provider, specify the type of content, application or service concerned, individual applications or services, or both. Depending on the technology used and the type of limitation, such limitations may require user consent under Directive 2002/58/EC (Directive on privacy and electronic communications).''
' ''(23) In the absence of relevant rules of Community law, content, applications and services are deemed lawful or harmful in accordance with national substantive and procedural law. It is a task for the Member States, not for providers of electronic communications networks or services, to decide, in accordance with due process, whether content, applications or services are lawful or harmful. The Framework Directive and the Specific Directives are without prejudice to Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce)(OJ L 178, 17.7.2000, p. 1.), which, inter alia, contains a "mere conduit" rule for intermediary service providers, as defined therein.''
' ''(22a) Directive 2002/22/EC (Universal Service Directive) neither mandates nor prohibits conditions imposed by providers, in accordance with national law, limiting users' access to and/or use of services and applications but does provide for information regarding such conditions. Member States wishing to implement measures regarding users' access to and/or use of services and applications must respect the fundamental rights of citizens, including in relation to privacy and due process, and any such measures should take full account of policy goals adopted at Community level, such as furthering the development of the Community information society.''
' ''(22b) Directive 2002/22/EC (Universal Service Directive) does not require providers to monitor information transmitted over their networks or to bring legal proceedings against their customers on grounds of such information, nor does it make providers liable for that information. Responsibility for punitive action or criminal prosecution is a matter for national law, respecting fundamental rights and freedoms including the right to due process.''
Article 21
European Commission Initial Proposal European Parliament Second Reading
Article 21 − Transparency and publication of information Article 21 − Transparency and publication of information
1. Member States shall ensure that transparent, comparable, adequate and up-to-date information on applicable prices and tariffs, and on standard terms and conditions, in respect of access to and use of the services identified in Articles 4, 5, 6, and 7 is available to end-users and consumers, in accordance with the provisions of Annex II. 1. Member States shall ensure that transparent, comparable, adequate and up-to-date information on applicable prices and tariffs, and on standard terms and conditions, in respect of access to and use of the services identified in Articles 4, 5, 6, and 7 is available to end-users and consumers, in accordance with the provisions of Annex II.
2. Member States shall ensure that undertakings providing public electronic communications networks and/or services publish comparable, adequate and up-to-date information on applicable prices and tariffs in respect of access and use of their services provided to consumers. Such information shall be published in an easily accessible form. 1. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing public electronic communications networks and/or publicly available electronic communications services to publish transparent, comparable, adequate and up-to-date information on applicable prices and tariffs, any charges due on termination of a contract and information on standard terms and conditions in respect of access to, and use of their services provided by them to end-users and consumers in accordance with Annex II. Such information shall be published in a clear, comprehensive and easily accessible form. National regulatory authorities may specify additional requirements regarding the form in which such information is to be published.
3. National regulatory authorities shall encourage the provision of information to enable end-users and consumers to make an independent evaluation of the cost of alternative usage patterns, by means of interactive guides or similar techniques. Member States shall ensure that national regulatory authorities make such guides or techniques available, when these are not available on the market. Third parties shall have a right to use without charge the tariffs published by undertakings providing electronic communications networks and/or services, for the purposes of selling or making available such interactive guides or similar techniques. 2. National regulatory authorities shall encourage the provision of comparable information to enable end-users and consumers to make an independent evaluation of the cost of alternative usage patterns, for instance by means of interactive guides or similar techniques. Where such facilities are not available on the market free of charge or at a reasonable price, Member States shall ensure that national regulatory authorities are able to make such guides or techniques available, when these are not available themselves or through third party procurement. Third parties shall have a right to use, free of charge, the information published by undertakings providing electronic communications networks and/or publicly available electronic communications services for the purposes of selling or making available such interactive guides or similar techniques.
4. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing electronic communications services to provide applicable tariff information to customers at the time and point of purchase to ensure that customers are fully informed of pricing conditions. 3. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing public electronic communications network and/or publicly available electronic communications services to inter alia:
(a) provide applicable tariff information to subscribers regarding any number or service subject to particular pricing conditions; with respect to individual categories of services, national regulatory authorities may require such information to be provided immediately prior to connecting the call;
(aa) inform subscribers of any change to access to emergency services or caller location information in the service they have subscribed to;
(b) inform subscribers of any change to conditions limiting access to and/or use of services and applications, where such conditions are allowed under national law in accordance with Community law;
(ba) provide information on any procedures put in place by the provider to measure and shape traffic so as to avoid filling or overfilling a network link and on how those procedures could impact on service quality;
(c) inform subscribers of their right to determine whether or not to include their personal data in a directory, and of the types of data concerned, in accordance with Article 12 of Directive 2002/58/EC (Directive on privacy and electronic communications); and
(d) regularly inform disabled subscribers of details of products and services designed for them.
If deemed appropriate, national regulatory authorities may promote self- or co-regulatory measures prior to imposing any obligation.
4. Member States may require that undertakings referred to in paragraph 3 distribute public interest information free of charge to existing and new subscribers, where appropriate, through the same means as those ordinarily used by the undertakings for their communications with subscribers. In such a case, that information shall be provided by the relevant public authorities in a standardised format and shall, inter alia, cover the following topics:
(a) the most common uses of electronic communications services to engage in unlawful activities or to disseminate harmful content, particularly where it may prejudice respect for the rights and freedoms of others, including infringements of copyright and related rights, and their legal consequences; and
(b) the means of protection against risks to personal security, privacy and personal data when using electronic communications services.
5. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing electronic communications services and/or networks to provide information required in accordance with Article 20(5) to customers in a clear, comprehensive and easily accessible form. 5. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing electronic communications services and/or networks to provide information required in accordance with Article 20(5) to customers in a clear, comprehensive and easily accessible form.
6. In order to ensure that end-users can benefit from a consistent approach to tariff transparency, as well as to the provision of information in accordance with Article 20(5) in the Community, the Commission may, having consulted the European Electronic Communications Market Authority (hereinafter referred to as “the Authority”), take the appropriate technical implementing measures in this area, such as specify the methodology or procedures. Those measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3). 6. In order to ensure that end-users can benefit from a consistent approach to tariff transparency, as well as to the provision of information in accordance with Article 20(5) in the Community, the Commission may, having consulted the European Electronic Communications Market Authority (hereinafter referred to as “the Authority”), take the appropriate technical implementing measures in this area, such as specify the methodology or procedures. Those measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3).
Article 22
European Commission Initial Proposal European Parliament Second Reading
Article 22 − Quality of service Article 22 − Quality of service
1. Member States shall ensure that national regulatory authorities are, after taking account of the views of interested parties, able to require undertakings that provide publicly available electronic communications networks and/or services to publish comparable, adequate and up-to-date information for end-users on the quality of their services, including equivalent access for disabled end-users. The information shall, on request, also be supplied to the national regulatory authority in advance of its publication. 1. Member States shall ensure that national regulatory authorities are, after taking account of the views of interested parties, able to require undertakings that provide publicly available electronic communications networks and/or services to publish comparable, adequate and up-to-date information for end-users on the quality of their services and measures taken to ensure equivalence in access for disabled end-users. That information shall, on request, also be supplied to the national regulatory authority in advance of its publication.
2. National regulatory authorities may specify, inter alia, the quality of service parameters to be measured, and the content, form and manner of information to be published, in order to ensure that end-users have access to comprehensive, comparable and user-friendly information. Where appropriate, the parameters, definitions and measurement methods given in Annex III could be used. 2. National regulatory authorities may specify, inter alia, the quality of service parameters to be measured and the content, form and manner of the information to be published, including possible quality certification mechanisms, in order to ensure that end-users, including disabled end-users, have access to comprehensive, comparable, reliable and user-friendly information. Where appropriate, the parameters, definitions and measurement methods set out in Annex III may be used.
3. In order to prevent degradation of service and slowing of traffic over networks, the Commission may, having consulted the Authority, adopt technical implementing measures concerning minimum quality of service requirements to be set by the national regulatory authority on undertakings providing public communications networks. These measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3). 3. In order to prevent the degradation of service and the hindering or slowing down of traffic over networks, Member States shall ensure that national regulatory authorities are able to set minimum quality of service requirements to be set by the national regulatory authority on an undertaking or undertakings providing public communications networks.
National regulatory authorities shall provide the Commission, in good time before setting any such requirements, with a summary of the grounds for action, the envisaged requirements and the proposed course of action. This information shall also be made available to BEREC. The Commission may, having examined such information, make comments or recommendations thereupon, in particular to ensure that the requirements do not adversely affect the functioning of the internal market. National regulatory authorities shall take the utmost account of the Commission's comments or recommendations when deciding on the requirements.
' ''(26) A competitive market should ensure that users enjoy the quality of service they require, but in particular cases it may be necessary to ensure that public communications networks attain minimum quality levels so as to prevent degradation of service, the blocking of access and the slowing of traffic over networks. In order to meet quality of service requirements, operators may use procedures to measure and shape traffic on a network link so as to avoid filling the link to capacity or overfilling the link, which would result in network congestion and poor performance. These procedures are subject to scrutiny by the national regulatory authority acting in accordance with the provisions of the Framework Directive and the Specific Directives to ensure they do not restrict competition, in particular by addressing discriminatory behaviour. If appropriate, national regulatory authorities may also impose minimum quality of service requirements on undertakings providing public communications networks to ensure that services and applications dependent on the network are delivered to a minimum quality standard, subject to examination by the Commission. National regulatory authorities are empowered to take action to address degradation of service, including the hindering or slowing down of traffic, to the detriment of consumers. However, since inconsistent remedies can impair the achievement of the internal market, the Commission should assess any requirements intended to be set by national regulatory authorities for possible regulatory intervention across the Community and, if necessary, issue comments or recommendations in order to achieve consistent application.''
Article 28
European Commission Initial Proposal European Parliament Second Reading
Article 28 − Access to numbers and services Article 28 − Access to numbers and services
1. Member States shall ensure that national regulatory authorities take all necessary steps to ensure that: 1. Member States shall ensure that, where technically and economically feasible, and except where a called subscriber has chosen for commercial reasons to limit access by calling parties located in specific geographical areas, relevant national regulatory authorities take all necessary steps to ensure that end-users are able to:
(a) end-users are able to access and use services, including information society services, provided within the Community; and (a) end-users are able to access and use services using non-geographic numbers within the Community; and
(b) end-users are able to access all numbers provided in the Community, including those in the national numbering plans of Member States, those from the European Telephone Numbering Space and Universal International Freephone Numbers. (b) end-users are able to access all numbers provided in the Community regardless of the technology and devices used by the operator, including those in the national numbering plans of Member States, those from the ETNS and Universal International Freephone Numbers (UIFN).
National regulatory authorities shall be able to block on a case-by-case basis access to numbers or services where this is justified by reasons of fraud or misuse. 2. Member States shall ensure that the relevant authorities are able to require undertakings providing public communications networks and/or publicly available electronic communications services to block, on a case-by-case basis, access to numbers or services where this is justified by reasons of fraud or misuse and to require that in such cases providers of electronic communications services withhold relevant interconnection or other service revenues.
2. In order to ensure that end users have effective access to numbers and services in the Community, the Commission may, having consulted the Authority, adopt technical implementing measures. These measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3). 2. In order to ensure that end users have effective access to numbers and services in the Community, the Commission may, having consulted the Authority, adopt technical implementing measures. These measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3).
Any such technical implementing measure may be periodically reviewed to take account of market and technological developments. Any such technical implementing measure may be periodically reviewed to take account of market and technological developments.
(22) A single market implies that end-users are able to access all numbers included in the national numbering plans of other Member States, and to access services, including Information Society services, using non-geographic numbers within the Community, including among others freephone and premium rate numbers. End-users should also be able to access numbers from the European Telephone Numbering Space (ETNS) and universal international freephone numbers (UIFN). Cross-border access to numbering resources and to the associated service should not be prevented except in objectively justified cases, such as when this is necessary to combat fraud, and abuse e.g. in connection with certain premium-rate services, or when the number is defined as having a national scope only (e.g. national short code). Users should be fully informed in advance in a clear manner of any charges applicable to freephone numbers, such as international call charges for numbers accessible through standard international dialling codes. In order to ensure that end-users have effective access to numbers and services in the Community, the Commission should be able to adopt implementing measures. ''(36) A single market implies that end-users are able to access all numbers included in the national numbering plans of other Member States and to access services using non-geographic numbers within the Community, including, among others, freephone and premium rate numbers. End-users should also be able to access numbers from the European Telephone Numbering Space (ETNS) and Universal International Freephone Numbers (UIFN). Cross-border access to numbering resources and to the associated services should not be prevented, except in objectively justified cases, for example to combat fraud or abuse (e.g. in connection with certain premium-rate services), when the number is defined as having a national scope only (e.g. a national short code) or when it is technically or economically unfeasible. Users should be fully informed in advance and in a clear manner of any charges applicable to freephone numbers, such as international call charges for numbers accessible through standard international dialling codes.''
Article 33
European Commission Initial Proposal European Parliament Second Reading
Article 33 − Consultation with interested parties Article 33 − Consultation with interested parties
1. Member States shall ensure as far as appropriate that national regulatory authorities take account of the views of end-users, and consumers (including, in particular, disabled users), manufacturers, undertakings that provide electronic communications networks and/or services on issues related to all end-user and consumer rights concerning publicly available electronic communications services, in particular where they have a significant impact on the market. 1. Member States shall ensure as far as appropriate that national regulatory authorities take account of the views of end-users, and consumers (including, in particular, disabled consumers), manufacturers and undertakings that provide electronic communications networks and/or services on issues related to all end-user and consumer rights concerning publicly available electronic communications services, in particular where they have a significant impact on the market.
In particular, Member States shall ensure that national regulatory authorities establish a consultation mechanism ensuring that in their decision-making process due consideration is given to consumer interests in electronic communications. In particular, Member States shall ensure that national regulatory authorities establish a consultation mechanism ensuring that in their decisions on issues related to end-user and consumer rights concerning publicly available electronic communications services, due consideration is given to consumer interests in electronic communications.
2. Where appropriate, interested parties may develop, with the guidance of national regulatory authorities, mechanisms, involving consumers, user groups and service providers, to improve the general quality of service provision by, inter alia, developing and monitoring codes of conduct and operating standards. 2. Where appropriate, interested parties may develop, with the guidance of national regulatory authorities, mechanisms, involving consumers, user groups and service providers, to improve the general quality of service provision by, inter alia, developing and monitoring codes of conduct and operating standards.
3. Without prejudice to national rules in conformity with Community law promoting cultural and media policy objectives, such as cultural and linguistic diversity and media pluralism, national regulatory authorities and other relevant authorities may promote cooperation between undertakings providing electronic communications networks and/or services and sectors interested in the promotion of lawful content in electronic communication networks and services. That cooperation may also include coordination of the public interest information to be provided pursuant to Article 21(4)(a) and Article 20(1).
3. Member States shall submit a yearly report to the Commission and the Authority on the measures taken and the progress towards improving interoperability and use of, and access to, electronic communications services and terminal equipment by disabled end-users. 3. Member States shall submit a yearly report to the Commission and the Authority on the measures taken and the progress towards improving interoperability and use of, and access to, electronic communications services and terminal equipment by disabled end-users.
4. Without prejudice to the application of Directive 1999/5/EC and in particular of disability requirements pursuant to its Article 3(3)(f), and in order to improve accessibility to electronic communications services and equipment by disabled end-users, the Commission may, having consulted the Authority, take the appropriate technical implementing measures to address the issues raised in the report referred to in paragraph 3, following a public consultation. These measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3). 4. Without prejudice to the application of Directive 1999/5/EC and in particular of disability requirements pursuant to its Article 3(3)(f), and in order to improve accessibility to electronic communications services and equipment by disabled end-users, the Commission may, having consulted the Authority, take the appropriate technical implementing measures to address the issues raised in the report referred to in paragraph 3, following a public consultation. These measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 37(3).
(25) In order to overcome existing shortcomings in terms of consumer consultation and appropriately address the interests of citizens, Member States should put in place an appropriate consultation mechanism. Such a mechanism could take the form of a body which would, independently from the national regulatory authority as well as from service providers, carry out research on consumer-related issues, such as consumer behaviour and mechanisms for changing suppliers, and which would operate in a transparent manner and contribute to the existing mechanisms for stakeholders' consultation. Where there is a need to address the facilitation of the access to and use of electronic communications services and terminal equipment for disabled users, and without prejudice to Directive 1999/5/EC of the European Parliament and of the Council of 9 March 1999 on radio equipment and telecommunications terminal equipment and the mutual recognition of their conformity (OJ L 91, 7.4.1999, p. 10. Directive as amended by Regulation (EC) No 1882/2003 of the European Parliament and of the Council (OJ L 284, 31.10.2003, p. 1).) and in particular the disability requirements pursuant to its Article 3(3)(f), the Commission should be able to adopt implementing measures. ''(39) In order to overcome existing shortcomings in terms of consumer consultation and to appropriately address the interests of citizens, Member States should put in place an appropriate consultation mechanism. Such a mechanism could take the form of a body which would, independently of the national regulatory authority and service providers, carry out research into consumer-related issues, such as consumer behaviour and mechanisms for changing suppliers, and which would operate in a transparent manner and contribute to the existing mechanisms for stakeholder consultation. Furthermore, a mechanism could be established for disabled users, and without prejudice to Directive 1999/5/EC of the purpose of enabling appropriate cooperation on issues relating to the promotion of lawful content. Any cooperation procedures agreed pursuant to such a mechanism should, however, not allow for the systematic surveillance of internet usage.''
Article 34
European Commission Initial Proposal European Parliament Second Reading
Article 34 − Out-of-court dispute resolution Article 34 − Out-of-court dispute resolution
1. Member States shall ensure that transparent, simple and inexpensive out-of-court procedures are available for dealing with unresolved disputes between consumers and undertakings providing electronic communications networks and/or services, relating to the contractual conditions and/or performance of contracts concerning supply of such networks or services. Member States shall adopt measures to ensure that such procedures enable disputes to be settled fairly and promptly and may, where warranted, adopt a system of reimbursement and/or compensation. Member States may extend these obligations to cover disputes involving other end-users. 1. Member States shall ensure that transparent, non-discriminatory, simple and inexpensive out-of-court procedures are available for dealing with unresolved disputes between consumers and undertakings providing electronic communications networks and/or services arising under this Directive and relating to the contractual conditions and/or performance of contracts concerning the supply of those networks and/or services. Member States shall adopt measures to ensure that such procedures enable disputes to be settled fairly and promptly and may, where warranted, adopt a system of reimbursement and/or compensation. Such procedures shall enable disputes to be settled impartially and shall not deprive the consumer of the legal protection afforded by national law. Member States may extend these obligations to cover disputes involving other end-users.
Member States shall ensure that bodies in charge of dealing with such disputes provide relevant information for statistical purposes to the Commission and the Authority. Member States shall ensure that bodies in charge of dealing with such disputes provide relevant information for statistical purposes to the Commission and the Authority.
2. Member States shall ensure that their legislation does not hamper the establishment of complaints offices and the provision of on-line services at the appropriate territorial level to facilitate access to dispute resolution by consumers and end-users. 2. Member States shall ensure that their legislation does not hamper the establishment of complaints offices and the provision of on-line services at the appropriate territorial level to facilitate access to dispute resolution by consumers and end-users.
3. Where such disputes involve parties in different Member States, Member States shall coordinate their efforts with a view to bringing about a resolution of the dispute. 3. Where such disputes involve parties in different Member States, Member States shall coordinate their efforts with a view to bringing about a resolution of the dispute.
4. This Article is without prejudice to national court procedures. 4. This Article is without prejudice to national court procedures.

Directive concerning the processing of personal data and the protection of privacy in the electronic communications sector (ePrivacy 2002/58/EC)

Article 1
European Commission Initial Proposal European Parliament Second Reading
' ''(40a) Directive 2002/58/EC (Directive on privacy and electronic communications) provides for the harmonisation of the provisions of the Member States required to ensure an equivalent level of protection of fundamental rights and freedoms, and in particular the right to privacy and the right to confidentiality, with respect to the processing of personal data in the electronic communications sector, and to ensure the free movement of such data and of electronic communications equipment and services in the Community. Where measures aiming to ensure that terminal equipment is constructed so as to safeguard the protection of personal data and privacy are adopted pursuant to Directive 1999/5/EC or Council Decision 87/95/EEC, such measures should respect the principle of technology neutrality.''
Article 2
European Commission Initial Proposal European Parliament Second Reading
Article 2 − Definitions Article 2 − Definitions
Save as otherwise provided, the definitions in Directive 95/46/EC and in Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive)(8) shall apply. Save as otherwise provided, the definitions in Directive 95/46/EC and in Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive) shall apply.
The following definitions shall also apply: The following definitions shall also apply:
(a) “user” means any natural person using a publicly available electronic communications service, for private or business purposes, without necessarily having subscribed to this service; (a) “user” means any natural person using a publicly available electronic communications service, for private or business purposes, without necessarily having subscribed to this service;
(b) “traffic data” means any data processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing thereof; (b) “traffic data” means any data processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing thereof;
(c) “location data” means any data processed in an electronic communications network, indicating the geographic position of the terminal equipment of a user of a publicly available electronic communications service; (c) “location data” means any data processed in an electronic communications network or by an electronic communications service, indicating the geographic position of the terminal equipment of a user of a publicly available electronic communications service;
(d) “communication” means any information exchanged or conveyed between a finite number of parties by means of a publicly available electronic communications service. This does not include any information conveyed as part of a broadcasting service to the public over an electronic communications network except to the extent that the information can be related to the identifiable subscriber or user receiving the information; (d) “communication” means any information exchanged or conveyed between a finite number of parties by means of a publicly available electronic communications service. This does not include any information conveyed as part of a broadcasting service to the public over an electronic communications network except to the extent that the information can be related to the identifiable subscriber or user receiving the information;
(e) “call” means a connection established by means of a publicly available telephone service allowing two-way communication; (e) “call” means a connection established by means of a publicly available telephone service allowing two-way communication;
(f) “consent” by a user or subscriber corresponds to the data subject's consent in Directive 95/46/EC; (e) “consent” by a user or subscriber corresponds to the data subject's consent in Directive 95/46/EC;
(g) “value added service” means any service which requires the processing of traffic data or location data other than traffic data beyond what is necessary for the transmission of a communication or the billing thereof; (f) “value added service” means any service which requires the processing of traffic data or location data other than traffic data beyond what is necessary for the transmission of a communication or the billing thereof;
(h) “electronic mail” means any text, voice, sound or image message sent over a public communications network which can be stored in the network or in the recipient's terminal equipment until it is collected by the recipient. (g) “electronic mail” means any text, voice, sound or image message sent over a public communications network which can be stored in the network or in the recipient's terminal equipment until it is collected by the recipient;
(h) “personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of a publicly available electronic communications service in the Community.
Article 3
European Commission Initial Proposal European Parliament Second Reading
' ''(40c) Developments concerning the use of IP addresses should be followed closely, taking into consideration the work already done by, among others, the Working Party on the Protection of Individuals with regard to the Processing of Personal Data established by Article 29 of Directive 95/46/EC, and in the light of such proposals as may be appropriate.''
(28) Technological progress allows the development of new applications based on devices for data collection and identification, which may be contactless devices using radio frequencies. For example, Radio Frequency Identification Devices (RFID) use radio frequencies to capture data from uniquely identified tags, which can then be transferred over existing communications networks. The wide use of such technologies can bring considerable economic and social benefits and thus make a powerful contribution to the internal market if their use is acceptable to citizens. To achieve that, it is necessary to ensure that the fundamental rights of individuals, in particular the right to privacy and data protection, are safeguarded. When such devices are connected to publicly available electronic communications networks or make use of electronic communications services as a basic infrastructure, the relevant provisions of Directive 2002/58/EC, including those on security, traffic and location data and on confidentiality, should apply. ''(44) Technological progress allows the development of new applications based on devices for data collection and identification, which could be contactless devices using radio frequencies. For example, Radio Frequency Identification Devices (RFID) use radio frequencies to capture data from uniquely identified tags which can then be transferred over existing communications networks. The wide use of such technologies can bring considerable economic and social benefit and thus make a powerful contribution to the internal market, if their use is acceptable to citizens. To achieve this aim, it is necessary to ensure that all fundamental rights of individuals, including the right to privacy and data protection, are safeguarded. When such devices are connected to publicly available electronic communications networks or make use of electronic communications services as a basic infrastructure, the relevant provisions of Directive 2002/58/EC (Directive on privacy and electronic communications), including those on security, traffic and location data and on confidentiality, should apply.
Article 4
European Commission Initial Proposal European Parliament Second Reading
Article 4 − Security of processing Article 4 − Security of processing
1. The provider of a publicly available electronic communications service must take appropriate technical and organisational measures to safeguard security of its services, if necessary in conjunction with the provider of the public communications network with respect to network security. Having regard to the state of the art and the cost of their implementation, these measures shall ensure a level of security appropriate to the risk presented. 1. The provider of a publicly available electronic communications service must take appropriate technical and organisational measures to safeguard security of its services, if necessary in conjunction with the provider of the public communications network with respect to network security. Having regard to the state of the art and the cost of their implementation, these measures shall ensure a level of security appropriate to the risk presented.
1a. Without prejudice to Directive 95/46/EC, the measures referred to in paragraph 1 shall at least:
- ensure that personal data can be accessed only by authorised personnel for legally authorised purposes;
- protect personal data stored or transmitted against accidental or unlawful destruction, accidental loss or alteration, and unauthorised or unlawful storage, processing, access or disclosure; and
- implement a security policy with respect to the processing of personal data.
Relevant national authorities shall be able to audit the measures taken by providers of publicly available electronic communication services and to issue recommendations about best practices concerning the level of security which those measures should achieve.
2. In case of a particular risk of a breach of the security of the network, the provider of a publicly available electronic communications service must inform the subscribers concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, of any possible remedies, including an indication of the likely costs involved. 2. In case of a particular risk of a breach of the security of the network, the provider of a publicly available electronic communications service must inform the subscribers concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, of any possible remedies, including an indication of the likely costs involved.
3. In case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community, the provider of publicly available electronic communications services shall, without undue delay, notify the subscriber concerned and the national regulatory authority of such a breach. The notification to the subscriber shall at least describe the nature of the breach and recommend measures to mitigate its possible negative effects. The notification to the national regulatory authority shall, in addition, describe the consequences of and the measures taken by the provider to address the breach. 3. In the case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data breach, the provision of publicly available communications services in the Community, the provider of publicly available electronic communications services shall, without undue delay, notify the personal data breach and recommend measures to mitigate its possible negative effects. The notification to the competent national authority.
When the personal data breach is likely to adversely affect the personal data and privacy of a subscriber or an individual, the provider shall also notify the subscriber or individual of the breach without undue delay.
Notification of a personal data breach to a subscriber or individual concerned shall not be required if the provider has demonstrated to the satisfaction of the competent authority that it has implemented appropriate technological protection measures, and those measures were applied to the data concerned by the security breach. Such technological protection measures shall render the data unintelligible to any person who is not authorized to access the data.
Without prejudice to the provider's obligation to notify subscribers and individuals concerned, if the provider has not already notified the subscriber or individual of the personal data breach, the competent national authority, having considered the likely adverse effects of the breach, may require it to do so.
The notification to the subscriber or individual shall at least describe the nature of the personal data breach and the contact points where more information can be obtained, and shall recommend measures to mitigate the possible adverse effects of the personal data breach. The notification to the competent national authority shall, in addition, describe the consequences of, and the measures proposed or taken by the provider to address, the personal data breach.
(29) A breach of security resulting in the loss or compromising personal data of an individual subscriber may, if not addressed in an adequate and timely manner, result in substantial economic loss and social harm, including identity fraud. Therefore, subscribers concerned by such security incidents should be notified without delay and informed in order to be able to take the necessary precautions. The notification should include information about measures taken by the provider to address the breach, as well as recommendations for the users affected. ''(47) A breach of security resulting in the loss or compromising personal data breach may, if not addressed in an adequate and timely manner, result in substantial economic loss and social harm, including identity fraud, to the subscriber or individual concerned. Therefore, as soon as the provider of publicly available electronic communications services becomes aware that such a breach has occurred, it should notify the breach to the competent national authority. The subscribers or individuals whose data and privacy could be adversely affected by such breaches should be notified without delay and informed in order to allow them to take the necessary precautions. A breach should be considered as adversely affecting the subscriber's or individual's data and privacy where it entails e.g. identity theft or fraud, physical harm, significant humiliation or damage to reputation in connection with the provision of publicly available communications services in the Community. The notification should include information about measures taken by the provider to address the breach, as well as recommendations for the subscriber or individual concerned.''
4. Subject to any technical implementing measures adopted under paragraph 5, the competent national authorities may adopt guidelines and, where necessary, issue instructions concerning the circumstances in which notification by providers of personal data breaches is required, the format of such notification and the manner in which the notification is to be made. They shall also be able to audit whether providers have complied with their notification obligations under this paragraph and impose appropriate sanctions in the event of a failure to do so.
Providers shall maintain an inventory of personal data breaches, comprising the facts surrounding such breaches, their effects and the remedial action taken, sufficient for the purpose of enabling the competent national authorities to verify compliance with the provisions of paragraph 3. The inventory shall only include the information necessary for this purpose.
4. In order to ensure consistency in implementation of the measures referred to in paragraphs 1, 2 and 3, the Commission may, following consultation with the European Electronic Communications Market Authority (hereinafter referred to as “the Authority”), and the European Data Protection Supervisor, adopt technical implementing measures concerning inter alia the circumstances, format and procedures applicable to information and notification requirements referred to in this Article. 5. In order to ensure consistency in implementation of the measures referred to in paragraphs 2, 3 and 4, the Commission may, following consultation with the European Network and Information Security Agency (ENISA), the Working Party on the Protection of Individuals with regard to the Processing of Personal Data established by Article 29 of Directive 95/46/EC and the European Data Protection Supervisor, adopt technical implementing measures concerning inter alia the circumstances, format and procedures applicable to the information and notification requirements referred to in this Article. The Commission shall involve all relevant stakeholders in order particularly to be informed of the best available technical and economic means of implementation of this Article.
Those measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14a (2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 14a (3). Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14a(2).
' ''(45a) The competent national authorities should promote the interests of the citizens of the European Union by, inter alia, contributing to ensuring a high level of protection of personal data and privacy. To this end, they should have the necessary means to perform their duties, including comprehensive and reliable data about actual security incidents that have led to the personal data of individuals being compromised. They should monitor measures taken and disseminate best practices among providers of publicly available electronic communications services. Providers should therefore maintain an inventory of personal data breaches to enable further analysis and evaluation by the competent national authorities.''
' ''(45b) Community law imposes duties on data controllers regarding the processing of personal data, including an obligation to implement appropriate technical and organisational protection measures against e.g. loss of data. The data breach notification requirements contained in Directive 2002/58/EC (Directive on privacy and electronic communications) provide a structure for notifying the competent authorities and individuals concerned when personal data has nevertheless been compromised. Those notification requirements are limited to security breaches which occur in the electronic communications sector. However, the notification of security breaches reflects a general interest of citizens to be informed about security failures which may result in their personal data being lost or otherwise compromised and about available or advisable precautions that they may take in order to minimise possible economic loss or social harm that could result from such failures. This general interest for users to be notified is clearly not limited to the electronic communications sector and therefore explicit, mandatory notification requirements applicable to all sectors should be introduced at the Community level as a matter of priority. Pending a review to be carried out by the Commission of all relevant Community legislation in that regard, the Commission, in consultation with the European Data Protection Supervisor, should take appropriate steps without delay to encourage the application of the principles embodied in the data breach notification rules in Directive 2002/58/EC (Directive on privacy and electronic communications) throughout the Community, regardless of sector or type of the data concerned.''
Article 5
European Commission Initial Proposal European Parliament Second Reading
Article 5 − Confidentiality of the communications Article 5 − Confidentiality of the communications
1. Member States shall ensure the confidentiality of communications and the related traffic data by means of a public communications network and publicly available electronic communications services, through national legislation. In particular, they shall prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than users, without the consent of the users concerned, except when legally authorised to do so in accordance with Article 15(1). This paragraph shall not prevent technical storage which is necessary for the conveyance of a communication without prejudice to the principle of confidentiality. 1. Member States shall ensure the confidentiality of communications and the related traffic data by means of a public communications network and publicly available electronic communications services, through national legislation. In particular, they shall prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than users, without the consent of the users concerned, except when legally authorised to do so in accordance with Article 15(1). This paragraph shall not prevent technical storage which is necessary for the conveyance of a communication without prejudice to the principle of confidentiality.
2. Paragraph 1 shall not affect any legally authorised recording of communications and the related traffic data when carried out in the course of lawful business practice for the purpose of providing evidence of a commercial transaction or of any other business communication. 2. Paragraph 1 shall not affect any legally authorised recording of communications and the related traffic data when carried out in the course of lawful business practice for the purpose of providing evidence of a commercial transaction or of any other business communication.
3. Member States shall ensure that the storing of information, or gaining access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user. 3. Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his/her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service.
Article 6
European Commission Initial Proposal European Parliament Second Reading
Article 6 − Traffic data Article 6 − Traffic data
1. Traffic data relating to subscribers and users processed and stored by the provider of a public communications network or publicly available electronic communications service must be erased or made anonymous when it is no longer needed for the purpose of the transmission of a communication without prejudice to paragraphs 2, 3 and 5 of this Article and Article 15(1). 1. Traffic data relating to subscribers and users processed and stored by the provider of a public communications network or publicly available electronic communications service must be erased or made anonymous when it is no longer needed for the purpose of the transmission of a communication without prejudice to paragraphs 2, 3 and 5 of this Article and Article 15(1).
2. Traffic data necessary for the purposes of subscriber billing and interconnection payments may be processed. Such processing is permissible only up to the end of the period during which the bill may lawfully be challenged or payment pursued. 2. Traffic data necessary for the purposes of subscriber billing and interconnection payments may be processed. Such processing is permissible only up to the end of the period during which the bill may lawfully be challenged or payment pursued.
3. For the purpose of marketing electronic communications services or for the provision of value added services, the provider of a publicly available electronic communications service may process the data referred to in paragraph 1 to the extent and for the duration necessary for such services or marketing, if the subscriber or user to whom the data relate has given his/her consent. Users or subscribers shall be given the possibility to withdraw their consent for the processing of traffic data at any time. 3. For the purpose of marketing electronic communications services or for the provision of value added services, the provider of a publicly available electronic communications service may process the data referred to in paragraph 1 to the extent and for the duration necessary for such services or marketing, if the subscriber or user to whom the data relate has given his or her prior consent. Users or subscribers shall be given the possibility to withdraw their consent for the processing of traffic data at any time.
4. The service provider must inform the subscriber or user of the types of traffic data which are processed and of the duration of such processing for the purposes mentioned in paragraph 2 and, prior to obtaining consent, for the purposes mentioned in paragraph 3. 4. The service provider must inform the subscriber or user of the types of traffic data which are processed and of the duration of such processing for the purposes mentioned in paragraph 2 and, prior to obtaining consent, for the purposes mentioned in paragraph 3.
5. Processing of traffic data, in accordance with paragraphs 1, 2, 3 and 4, must be restricted to persons acting under the authority of providers of the public communications networks and publicly available electronic communications services handling billing or traffic management, customer enquiries, fraud detection, marketing electronic communications services or providing a value added service, and must be restricted to what is necessary for the purposes of such activities. 5. Processing of traffic data, in accordance with paragraphs 1, 2, 3 and 4, must be restricted to persons acting under the authority of providers of the public communications networks and publicly available electronic communications services handling billing or traffic management, customer enquiries, fraud detection, marketing electronic communications services or providing a value added service, and must be restricted to what is necessary for the purposes of such activities.
6. Paragraphs 1, 2, 3 and 5 shall apply without prejudice to the possibility for competent bodies to be informed of traffic data in conformity with applicable legislation with a view to settling disputes, in particular interconnection or billing disputes. 6. Paragraphs 1, 2, 3 and 5 shall apply without prejudice to the possibility for competent bodies to be informed of traffic data in conformity with applicable legislation with a view to settling disputes, in particular interconnection or billing disputes.
' ''(41) The processing of traffic data to the extent strictly necessary for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted data, and the security of the related services offered by or accessible via these networks and systems, by providers of security technologies and services when acting as data controllers is subject to Article 7(f) of Directive 95/46/EC. This could, for example, include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping "denial of service" attacks and damage to computer and electronic communication systems.''
Article 14
European Commission Initial Proposal European Parliament Second Reading
Article 14 − Technical features and standardisation Article 14 − Technical features and standardisation
1. In implementing the provisions of this Directive, Member States shall ensure, subject to paragraphs 2 and 3, that no mandatory requirements for specific technical features are imposed on terminal or other electronic communication equipment which could impede the placing of equipment on the market and the free circulation of such equipment in and between Member States. 1 In implementing the provisions of this Directive, Member States shall ensure, subject to paragraphs 2 and 3, that no mandatory requirements for specific technical features are imposed on terminal or other electronic communication equipment which could impede the placing of equipment on the market and the free circulation of such equipment in and between Member States.
2. Where provisions of this Directive can be implemented only by requiring specific technical features in electronic communications networks, Member States shall inform the Commission in accordance with the procedure provided for by Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations and of rules on information society services(9). 2. Where provisions of this Directive can be implemented only by requiring specific technical features in electronic communications networks, Member States shall inform the Commission in accordance with the procedure provided for by Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations and of rules on information society services.
3. Where required, measures may be adopted to ensure that terminal equipment is constructed in a way that is compatible with the right of users to protect and control the use of their personal data, in accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of 22 December 1986 on standardisation in the field of information technology and communications (OJ L 36, 7.2.1987, p. 31. Decision as last amended by the 1994 Act of Accession.). 3. Where required, measures may be adopted to ensure that terminal equipment is constructed in a way that is compatible with the right of users to protect and control the use of their personal data, in accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of 22 December 1986 on standardisation in the field of information technology and communications.
Article 15
European Commission Initial Proposal European Parliament Second Reading
Article 15 − Application of certain provisions of Directive 95/46/EC Article 15 − Application of certain provisions of Directive 95/46/EC
1. Member States may adopt legislative measures to restrict the scope of the rights and obligations provided for in Article 5, Article 6, Article 8(1), (2), (3) and (4), and Article 9 of this Directive when such restriction constitutes a necessary, appropriate and proportionate measure within a democratic society to safeguard national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences or of unauthorised use of the electronic communication system, as referred to in Article 13(1) of Directive 95/46/EC. To this end, Member States may, inter alia, adopt legislative measures providing for the retention of data for a limited period justified on the grounds laid down in this paragraph. All the measures referred to in this paragraph shall be in accordance with the general principles of Community law, including those referred to in Article 6(1) and (2) of the Treaty on European Union. 1. Member States may adopt legislative measures to restrict the scope of the rights and obligations provided for in Article 5, Article 6, Article 8(1), (2), (3) and (4), and Article 9 of this Directive when such restriction constitutes a necessary, appropriate and proportionate measure within a democratic society to safeguard national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences or of unauthorised use of the electronic communication system, as referred to in Article 13(1) of Directive 95/46/EC. To this end, Member States may, inter alia, adopt legislative measures providing for the retention of data for a limited period justified on the grounds laid down in this paragraph. All the measures referred to in this paragraph shall be in accordance with the general principles of Community law, including those referred to in Article 6(1) and (2) of the Treaty on European Union.
1a. Paragraph 1 shall not apply to data specifically required by Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks to be retained for the purposes referred to in Article 1(1) of that Directive.
1b. Providers shall establish internal procedures for responding to requests for access to users' personal data based on national provisions adopted pursuant to paragraph 1. They shall provide the competent national authority, on demand, with information on those procedures, the number of requests received, the legal justification invoked and the response by the provider.
2. The provisions of Chapter III on judicial remedies, liability and sanctions of Directive 95/46/EC shall apply with regard to national provisions adopted pursuant to this Directive and with regard to the individual rights derived from this Directive. 2. The provisions of Chapter III on judicial remedies, liability and sanctions of Directive 95/46/EC shall apply with regard to national provisions adopted pursuant to this Directive and with regard to the individual rights derived from this Directive.
3. The Working Party on the Protection of Individuals with regard to the Processing of Personal Data instituted by Article 29 of Directive 95/46/EC shall also carry out the tasks laid down in Article 30 of that Directive with regard to matters covered by this Directive, namely the protection of fundamental rights and freedoms and of legitimate interests in the electronic communications sector. 3. The Working Party on the Protection of Individuals with regard to the Processing of Personal Data instituted by Article 29 of Directive 95/46/EC shall also carry out the tasks laid down in Article 30 of that Directive with regard to matters covered by this Directive, namely the protection of fundamental rights and freedoms and of legitimate interests in the electronic communications sector.
Article 15a
European Commission Initial Proposal European Parliament Second Reading
Article 15a − Implementation and enforcement Article 15a − Implementation and enforcement
1. Member States shall lay down the rules on penalties applicable to infringements of the national provisions adopted pursuant to this Directive and shall take all measures necessary to ensure that they are implemented. The penalties provided for must be effective, proportionate and dissuasive. The Member States shall notify those provisions to the Commission by the [time-limit for implementation of the amending act] at the latest and shall notify it without delay of any subsequent amendment affecting them. 1. Member States shall lay down the rules on penalties, including sanctions where appropriate, applicable to infringements of the national provisions adopted pursuant to this Directive and shall take all measures necessary to ensure that they are implemented. The penalties provided for must be effective, proportionate and dissuasive and may be applied to cover the period of any breach, even where the breach has subsequently been rectified. The Member States shall notify those provisions to the Commission by ...(The date referred to in Article 4(1).) and shall notify it without delay of any subsequent amendment affecting them.
2. Without prejudice to any judicial remedy which might be available, Member States shall ensure that the national regulatory authority has the power to order the cessation of the infringements referred to in paragraph 1. 2. Without prejudice to any judicial remedy which might be available, Member States shall ensure that the competent national regulatory authority and, where relevant, other national bodies have the power to order the cessation of the infringements referred to in paragraph 1.
3. Member States shall ensure that national regulatory authorities have all the investigative powers and resources necessary, including the possibility to obtain any relevant information they might need to monitor and enforce national provisions adopted pursuant to this Directive. 3. Member States shall ensure that national regulatory authorities and, where relevant, other national bodies have all the necessary investigative powers and resources, including the power to obtain any relevant information they might need to monitor and enforce national provisions adopted pursuant to this Directive.
4. In order to ensure effective cross-border co-operation in the enforcement of the national laws adopted pursuant to this Directive and to create harmonised conditions for the provision of services involving cross-border data flows, the Commission may adopt technical implementing measures, following consultation with the Authority and the relevant regulatory authorities. 4. The relevant national regulatory authorities may adopt measures in order to ensure effective cross-border cooperation in the enforcement of the national laws adopted pursuant to this Directive and to create harmonised conditions for the provision of services involving cross-border data flows.
The measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14a (2). On imperative grounds of urgency, the Commission may use the urgency procedure referred to in Article 14a (3). The national regulatory authorities shall provide the Commission, in good time before adopting any such measures, with a summary of the regulatory procedure with scrutiny referred to in Article 14a (2). On imperative grounds for action, the envisaged measures and the proposed course of action. The Commission may, having examined such information and consulted the European etwork and Information Security Agency (E ISA) and the Working Party on the Protection of Individuals with regard to the Processing of Personal Data established by Article 29 of Directive 95/46/EC, make comments or recommendations thereupon, in particular to ensure that the measures do not adversely affect the functioning of the internal market. National regulatory authorities shall take the utmost account of the Commission's comments or recommendations when deciding on the measures.
' ''(40b) When defining the implementing measures on the security of processing, in accordance with the regulatory procedure with scrutiny, the Commission should consult all relevant European authorities and organisations (the European etwork and Information Security Agency), the European Data Protection Supervisor and the Working Party on the Protection of Individuals with regard to the Processing of Personal Data established by Article 29 of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31.)) as well as all other relevant stakeholders, particularly in order to be informed of the best available technical and economic methods for improving the implementation of Directive 2002/58/EC (Directive on privacy and electronic communications).''
(36) The need to ensure an adequate level of protection of privacy and personal data transmitted and processed in connection with the use of electronic communications networks in the Community calls for effective implementation and enforcement powers in order to provide adequate incentives for compliance. National regulatory authorities should have sufficient powers and resources to investigate cases of non-compliance effectively, including the possibility to obtain any relevant information they might need, to decide on complaints and to impose sanctions in cases of non-compliance. ''(54) The need to ensure an adequate level of protection of privacy and personal data transmitted and processed in connection with the use of electronic communications networks in the Community calls for effective implementation and enforcement powers in order to provide adequate incentives for compliance. Competent national authorities and, where appropriate, other relevant national bodies should have sufficient powers and resources to investigate cases of non-compliance effectively, including powers to obtain any relevant information they might need, to decide on complaints and to impose sanctions in cases of non-compliance.
' ''(55) The implementation and enforcement of the provisions of this Directive often require cooperation between the national regulatory authorities of two or more Member States, for example in combating cross-border spam and spyware. In order to ensure smooth and rapid cooperation in such cases, procedures relating for example to the quantity and format of information exchanged between authorities, or deadlines to be complied with, should be defined by the relevant national authorities, subject to examination by the Commission. Such procedures will also allow the resulting obligations of market actors to be harmonised, contributing to the creation of a level playing field in the Community.''
Article 18
European Commission Initial Proposal European Parliament Second Reading
Article 18 − Review Article 18 − Review
The Commission shall submit to the European Parliament and the Council, not later than three years after the date referred to in Article 17(1), a report on the application of this Directive and its impact on economic operators and consumers, in particular as regards the provisions on unsolicited communications, taking into account the international environment. For this purpose, the Commission may request information from the Member States, which shall be supplied without undue delay. Where appropriate, the Commission shall submit proposals to amend this Directive, taking account of the results of that report, any changes in the sector and any other proposal it may deem necessary in order to improve the effectiveness of this Directive. The Commission shall submit to the European Parliament and the Council, not later than three years after the date referred to in Article 17(1), a report on the application of this Directive and its impact on economic operators and consumers, in particular as regards the provisions on unsolicited communications, taking into account the international environment. For this purpose, the Commission may request information from the Member States, which shall be supplied without undue delay. Where appropriate, the Commission shall submit proposals to amend this Directive, taking account of the results of that report, any changes in the sector and any other proposal it may deem necessary in order to improve the effectiveness of this Directive.