Skip to main content

EU outlines proposal for new cybercrime reporting regulations

As governments ramp up their defences against global cybercrime networks, the EU has proposed a new set of regulations that would require some organisations, including hospitals, banks and energy providers, to report cyberattacks.

Europe must strengthen its position in the fight against cybercrime, said the EU’s Vice-President for the Digital Agenda, Neelie Kroes.

"The more people rely on the internet the more people rely on it to be secure. A secure internet protects our freedoms and rights and our ability to do business. It's time to take coordinated action - the cost of not acting is much higher than the cost of acting,” said Kroes.

The proposal calls for each country to create a Computer Emergency Response Team, as well as appoint a body that would be responsible for receiving reports of security breaches. These authorities would investigate the attacks and determine whether to publicise them and whether to fine the companies in question for lax security policies.

“For cyberspace to remain open and free, the same norms, principles and values that the EU upholds offline, should also apply online,” said Catherine Ashton, High Representative of the Union for Foreign Affairs and Security Policy.

The proposal comes on the heels of a series of global cybercrime incidents. Meanwhile, the European Commission’s digital security policies have been criticised for being too fragmented to adequately address the issue.