Safe and secure communications
Access to information and communication technologies brings many benefits to citizens and business across Europe. But all communication technologies are two-way channels which also have the potential to allow intrusion and loss of confidentiality. Ensuring that European telecommunications systems operate with maximum security is a primary aim for regulators.
As more and more of our daily activities involve the use of some form of electronic communication network, we need to be confident that these networks are secure against intrusion or disruption. Huge economic interests rely on the security of these networks, and if public confidence in their use is undermined by security concerns, the full potential of the Information Society will never be realised.
Basic guarantees of network security are essential. If you visit a website and download information you do not want to be spied on by others. If you use a credit card to buy on-line you do not want your card details to be copied. If you send an e-mail or text message you do not expect it to be read by anyone other than the intended recipient.
The Privacy and Electronic Communications Directive requires providers to guarantee the security of networks and services at a level appropriate to the potential risk. If the providers cannot deliver this guarantee they must inform users of the risk and advise them on possible security measures which the user themselves could take.
Stop Spam!
The use of e-mail, web-based services, phone and fax has brought people closer together and helped accelerate the pace of business. However, the ease with which they allow us to communicate with more people increasingly has a downside: the possibility of being overwhelmed with unsolicited communication.
‘Spam’, including unsolicited e-mail, text messages or phone calls, is a significant irritant of modern life and has an economic cost to society.
The Privacy and Electronic Communications Directive requires Member States to prohibit the sending of such unsolicited communications unless the consent of the addressee has been obtained. Individuals must be asked to opt-in for communications when a first transfer of personal data is made to an organisation – for instance when opening an account – and given the choice to opt-out with all subsequent communications.
The Directive covers all data that travel over public networks in Europe and therefore includes any data or services – for example spam e-mails – which originate outside the EU. It also prohibits marketing messages by e-mail and phone which conceal or disguise the identity of the sender.
Cookies and crime
The Privacy and Electronic Communications Directive effectively extended the protection of confidentiality to all forms of private communications over public electronic networks in EU Member States.
Personal computers and sophisticated mobile phones offer users many new possibilities for communications over public networks. However, they also offer the opportunity for third parties to gain access to personal information stored within them or to install or store their own information or programs on other people's equipment.
The purpose of this largely invisible form of intrusion may vary from malicious destruction of data (e.g. viruses) and information theft, to the more benign use of cookies to confirm user rights or record user preferences for marketing. Some purposes are perfectly harmless or even useful for the user, while other objectives are clearly very harmful and threatening. But for all cases, it is a major concern that the user is often unaware of the intrusion.
To remedy this problem, the Privacy and Electronic Communications Directive requires that accessing or storing information on a user's device, perhaps their PC or mobile phone, is only allowed if the user is given clear information about the purpose of the intrusion and is offered the right to refuse it. This will give effective control back to the user.
This procedure applies to so-called spyware (hidden espionage programs), Trojan horses (programs hidden in messages or in other apparently innocent software) and also to cookies (tracking devices which register users' preferences as they visit websites).
To reinforce the Directive, Member States have also adopted a Framework Decision on Illegal Attacks against Information Systems which enables spyware-related activities to be punishable in national law, from March 2007, with penalties of up to several years' imprisonment.