Telecoms Package Voted Amendments

In the following amendments, amended text with regard to Commission's initial proposal is highlighted in bold italics. In the case of amending acts, passages in an existing provision that the Commission has left unchanged, but that Parliament wishes to amend, are highlighted in bold. Any deletions that Parliament wishes to make in passages of this kind are stroke out.

COD/2007/0247 - Trautmann report (networks and services)

 * Text adopted by European parliament

Amendment 61 --

 * Article 1 – point 8 – point e amending Directive 2002/21/EC Article 8 – paragraph 4 – point g

(g) applying the principle that end-users should be able to access and distribute any lawful content and use any lawful applications and/or services of their choice and for this purpose contributing to the promotion of lawful content in accordance with Article 33 of Directive 2002/22/EC (Universal Service Directive).

Amendment 64 --

 * Article 1 – point 9 amending Directive 2002/21/EC Article 9

Article 9 Management of radio frequencies for electronic communications services 1. Taking due account of the fact that radio frequencies are a public good that has an important social, cultural and economic value, Member States shall ensure the effective management of radio frequencies for electronic communication services in their territory in accordance with Articles 8 and 8a. They shall ensure that the allocation and assignment of such radio frequencies by national regulatory authorities are based on objective, transparent, non discriminatory and proportionate criteria. In so doing, they shall act in accordance with international agreements and may take public policy considerations into account. 2. Member States shall promote the harmonisation of use of radio frequencies across the Community, consistent with the need to ensure effective and efficient use thereof and in pursuit of benefits for the consumer such as economies of scale and interoperability of 'services. In so doing, they shall act in accordance with Articles 8a' and 9c of this Directive, and with Decision No 676/2002/EC (Radio Spectrum Decision). 3. Unless otherwise provided in the second subparagraph or in the measures adopted pursuant to Article 9c, Member States shall, ensure that all types of technologies used for electronic communications services may be used in the radio frequency bands available for electronic communications services in accordance with the ITU Radio Regulations. Member States may, however, provide for proportionate and non-discriminatory restrictions to the types of technologies used for electronic communication services where this is necessary to: (a) avoid the possibility of harmful interference, (b) protect public health against electromagnetic fields, (ba) ensure technical quality of service, (c) ensure maximisation of radio frequency sharing, (ca) safeguard the efficient use of radio frequencies, (d) fulfil a general interest objective in accordance with paragraph 4 below. 4. Unless otherwise provided in the second subparagraph, Member States shall ensure that all types of electronic communications services may be provided in the radio frequency bands available for electronic communications services in accordance with their national frequency allocation plans and with the ITU Radio Regulations. The Member States may, however, provide for proportionate and non discriminatory restrictions to the types of electronic communications services to be provided. Measures that require an electronic communications service to be provided in a specific band available for electronic communications services shall be justified in order to ensure the fulfilment of a general interest objective as defined in national legislation in conformity with Community law, such as safety of life, the promotion of social, regional or territorial cohesion, the avoidance of inefficient use of radio frequencies, or the promotion of cultural and media policy objectives such as cultural and linguistic diversity and media pluralism. A measure which prohibits the provision of any other electronic communications service in a specific band may only be provided for where justified by the need to protect safety of life services. 5. Member States shall regularly review the necessity of the restrictions and measures referred to in paragraphs 3 and 4 and shall make the results of these reviews public. 6. Paragraphs 3 and 4 shall apply to the allocation and assignment of radio frequencies after [date of transposition].

Amendment 98 --

 * Article 2 – point 6 a (new) amending Directive 2002/19/EC Article 9 – paragraph 1

(6a) In Article 9, paragraph 1 is replaced by the following: "1. National regulatory authorities may, in accordance with the provisions of Article 8, impose obligations for transparency in relation to interconnection and/or access, requiring operators to make public specified information, such as accounting information, technical specifications, network characteristics, restrictions on access to services and applications, traffic management policies, terms and conditions for supply and use, and prices."

Amendment 100 --

 * Article 2 – point 8 amending Directive 2002/19/EC Article 12

1. A national regulatory authority may, in accordance with the provisions of Article 8, impose obligations on operators to meet reasonable requests for access to, and use of, specific network elements and associated facilities, inter alia in situations where the national regulatory authority considers that denial of access or unreasonable terms and conditions having a similar effect would hinder the emergence of a sustainable competitive market at the retail level, or would not be in the end-user's interest. Operators shall be required inter alia: (a) to give third parties access to specified network elements and/or facilities, including unbundled access to the local loop; (b) to negotiate in good faith with undertakings requesting access; (c) not to withdraw access to facilities already granted; (d) to provide specified services on a wholesale basis for resale by third parties; (e) to grant open access to technical interfaces, protocols or other key technologies that are indispensable for the interoperability of services or virtual network services; (f) to provide co-location or other forms of facility sharing, including the sharing of ducts, buildings or entry to buildings, antennae towers and other supporting constructions, masts, manholes, cabinets and other network elements which are not active; (fa) to provide third parties with a reference offer for the granting of access to ducts; (g) to provide specified services needed to ensure interoperability of end-to-end services to users, including facilities for intelligent network services or roaming on mobile networks; (h) to provide access to operational support systems or similar software systems necessary to ensure fair competition in the provision of services; (i) to interconnect networks or network facilities; (j) to provide access to associated services such as identity, location and presence capability. National regulatory authorities may attach to those obligations conditions covering fairness, reasonableness and timeliness. 2. When national regulatory authorities are considering whether to impose the obligations referred in paragraph 1, and in particular when assessing whether such obligations would be proportionate to the objectives set out in Article 8 of Directive 2002/21/EC (Framework Directive), they shall take account in particular of the following factors: (a) the technical and economic viability of using or installing competing facilities, in the light of the rate of market development, taking into account the nature and type of interconnection and access involved, including the viability of other upstream access products such as access to ducts; (b) the feasibility of providing the access proposed, in relation to the capacity available; (c) the initial investment by the facility owner, bearing in mind any public investment made and the risks involved in making the investment, including an appropriate risk-sharing among those undertakings enjoying access to these new facilities; (d) the need to safeguard competition in the long term, in particular infrastructure-based competition (e) where appropriate, any relevant intellectual property rights; (f) the provision of pan-European services. 3. When imposing obligations on an operator to provide access in accordance with the provisions of this Article, national regulatory authorities may lay down technical or operational conditions to be met by the provider and/or beneficiaries of such access where necessary to ensure normal operation of the network. Obligations to follow specific technical standards or specifications shall be in compliance with the standards and specifications laid down in accordance with Article 17 of Directive 2002/21/EC (Framework Directive).

Amendment 120 ++

 * Annex I – point 3 – point g amending Directive 2002/20/EC Annex I – part A – point 19

19. Compliance with national measures implementing Directive 2001/29/EC of the European Parliament and of the Council and Directive 2004/48/EC of the European Parliament and of the Council.

Amendment 138 +++

 * Article 1 – point 8 – point e a (new) amending Directive 2002/21/EC Article 8 – paragraph 4 – point g a (new) tabled by Guy Bono, Daniel Cohn-Bendit, Zuzana Roithová and others, with oral amendment

(ea) In paragraph 4, point (ga) is added: "(ga) applying the principle that no restriction may be imposed on the fundamental rights and freedoms of end-users, notably in accordance with Article 11 of the Charter of Fundamental Rights of the European Union on freedom of expression and information, without a prior ruling by the judicial authorities, save when public security is threatened where the ruling may be subsequent."

COD/2007/0248 - Harbour report (network user's rights, privacy, consumer protection, ...)

 * Text adopted by European parliament

Amendment 11 --

 * Recital 14

(14) End-users should decide what lawful content they want to be able to send and receive, and which services, applications, hardware and software they want to use for such purposes, without prejudice to the need to preserve the integrity and security of networks and services. A competitive market with transparent offerings as provided for in Directive 2002/22/EC should ensure that end-users are able to access and distribute any lawful content and to use any lawful applications and/or services of their choice, as stated in Article 8 of Directive 2002/21/EC. Given the increasing importance of electronic communications for consumers and businesses, users should in any case be fully informed of any restrictions and/or limitations imposed on the use of electronic communications services by the service and/or network provider. Such information should, at the option of the provider, specify either the type of content, application or service 'concerned, or individual applications or services, or both. Depending' on the technology used and the type of restriction and/or limitation, such restrictions and/or limitations may require user consent under Directive 2002/58/EC (Privacy Directive).

Amendment 12 --

 * Recital 14 a (new)

(14a) A competitive market should also ensure that users are able to have the quality of service they require, but in particular cases it may be necessary to ensure that public communications networks attain minimum quality levels so as to prevent degradation of service, usage 'restrictions and/or limitations and the slowing of traffic. Where' there is a lack of effective competition, national regulatory authorities should use the remedies available to them under the Directives establishing the regulatory framework for electronic communications networks and services to ensure that users' access to particular types of content or applications is not unreasonably 'restricted. It should also be possible for national regulatory' authorities to issue guidelines setting minimum quality of service requirements under Directive 2002/22/EC and to take other measures where such other remedies have, in their judgement, not been effective with regard to the interests of users and all other 'relevant circumstances. Such guidelines or measures could include the' provision of a basic tier of unrestricted services.

Amendment 14 --

 * Recital 14 d (new)

(14d) Since inconsistent remedies will significantly impair the achievement of the internal market, the Commission should assess any guidelines or other measures adopted by national regulatory authorities for possible regulatory intervention across the Community and, if necessary, adopt technical implementing measures in order to achieve consistent application throughout the Community.

Amendment 27

 * (Amendment 2 of the LIBE opinion) Recital 26 b (new)

(26b) When defining the implementing measures on the security of processing, in accordance with the regulatory procedure with scrutiny, the Commission should consult all relevant European authorities and organisations (ENISA, the European Data Protection Supervisor and the Article 29 Working Party) as well as all other relevant stakeholders, particularly in order to be informed of the best available technical and economic methods for improving the implementation of Directive 2002/58/EC.

Amendment 28

 * (Amendment 3 of the LIBE opinion) Recital 26 c (new)

(26c) The provisions of Directive 2002/58/EC particularise and complement Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of 'such data [OJ L 281, 23.11.1995, p. 31. Directive as amended by' Regulation (EC) No 1882/2003.] and provide for the legitimate interests of subscribers who are natural or legal persons.

Amendment 35 --

 * (Amendment 10 of the LIBE opinion) Recital 30 b (new)

(30b) When implementing measures transposing Directive 2002/58/EC, the authorities and courts of the Member States should not only interpret their national law in a manner consistent with that Directive, but should also ensure that they do not rely on an interpretation of that Directive which would be in conflict with other fundamental rights or general principles of Community law, such as the principle of proportionality.

Amendment 62 --

 * Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 2 – subparagraph 1 – point (b)

(b) services provided, including in particular: - where access to emergency services and caller location information is to be provided under Article 26, the level of reliability of such access, where relevant, and whether access is provided in the whole of the national territory, - information on any restrictions imposed by the provider regarding a subscriber's ability to access, use or distribute lawful content or run lawful applications and services, - the service quality levels, with reference to any parameters specified under Article 22(2) as appropriate, - types of maintenance and customer support services offered, as well as how to contact customer support, - the time for the initial connection, and - any restrictions on the use of terminal equipment imposed by the provider;

Amendment 67 --

 * Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 2 – subparagraph 2

The contract shall also include any information provided by the relevant public authorities on the use of electronic communications networks and services to engage in unlawful activities or to disseminate harmful content, and on the means of protection against risks to personal security, privacy and personal data referred to in Article 21(4a) and relevant to the service provided.

Amendment 70 ++

 * Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 5

5. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of a contract and regularly thereafter of any limitations imposed by the provider on their ability to access or distribute lawful content or run any lawful applications and services of their choice.

Amendment 71 ++

 * Article 1 – point 12 amending Directive 2002/22/EC Article 20 – paragraph 6

6. Member States shall ensure that where contracts are concluded between subscribers and undertakings providing electronic communications services and/or networks, subscribers are clearly informed in advance of the conclusion of the contract and regularly thereafter of their obligations to respect copyright and related rights. Without prejudice to Directive 2000/31/EC on electronic commerce, this includes the obligation to inform subscribers of the most common acts of infringements and their legal consequences.

Amendment 75 --

 * Article 1 – point 12 amending Directive 2002/22/EC Article 21 – paragraph 4

4. Member States shall ensure that national regulatory authorities are able to oblige undertakings providing connection to a public electronic communications network and/or electronic communications services to inter alia: (a) provide applicable tariff information to subscribers regarding any number or service subject to particular pricing conditions; with respect to individual categories of services national regulatory authorities may require such information to be provided prior to connecting the call; (b) regularly remind subscribers of any lack of reliable access to emergency services or caller location information in the service they have subscribed to; (c) inform subscribers of any change to any restrictions imposed by the undertaking on their ability to access, use or distribute lawful content or run lawful applications and services of their choice; (d) inform subscribers of their right to include their personal data in a directory, and of the types of data concerned; and (e) regularly inform disabled subscribers of details of current products and services aimed at them. If deemed appropriate, national regulatory authorities may promote self-or co-regulatory measures prior to imposing any obligation.

Amendment 76 --

 * Article 1 – point 12 amending Directive 2002/22/EC Article 21 – paragraph 4 a (new)

'4a. Member States shall ensure that national regulatory authorities' oblige the undertakings referred to in paragraph 4 to distribute public interest information to existing and new subscribers where 'appropriate. Such information shall be produced by the relevant' public authorities in a standardised format and shall inter alia cover the following topics: (a) the most common uses of electronic communications services to engage in unlawful activities or to disseminate harmful content, particularly where it may prejudice respect for the rights and freedoms of others, including infringements of copyright and related right, and their consequences; and (b) means of protection against risks to personal security, privacy and personal data in using electronic communications services. Significant additional costs incurred by an undertaking in complying with these obligations shall be reimbursed by the relevant public authorities.

Amendment 101 --

 * Article 1 – point 16 amending Directive 2002/22/EC Article 28 – paragraph 2 a (new)

'2a. Member States shall ensure that national regulatory authorities' are able to require undertakings providing public communications networks to provide information regarding the management of their networks in connection with any limitations or restrictions on end-user access to or use of services, content or applications. Member States shall ensure that national regulatory authorities have all the powers necessary to investigate cases in which undertakings have imposed limitations on end-user access to services, content or applications.

Amendment 112 --

 * Article 1 – point 20 – point a a (new) amending Directive 2002/22/EC Article 33 – paragraph 2 a (new)

(aa) the following paragraph shall be added: '2a. Without prejudice to national rules in conformity with Community' law promoting cultural and media policy objectives, such as cultural and linguistic diversity and media pluralism, national regulatory authorities and other relevant authorities shall as far as appropriate promote cooperation between undertakings providing electronic communications networks and/or services and the sectors interested in the promotion of lawful content in electronic 'communication networks and services. That co-operation may also' include coordination of the public interest information to be made available under Article 21(4a) and Article 20(2).

Amendment 113 -
3. Member States shall submit a yearly report to the Commission and the Authority on the measures taken and the progress towards improving interoperability and use of, and access to, electronic communications services and terminal equipment by disabled end-users.
 * Article 1 – point 20 – point b Directive 2002/22/EC Article 33 – paragraph 3 deletion

Amendment 117 --

 * Article 1 – point 21 amending Directive 2002/22/EC Article 34 – paragraph 1 – subparagraph 2 a (new)

Member States shall encourage trustworthy out-of-court procedures, with specific regard to the interaction of audiovisual and electronic communications.

Amendment 122 --

 * (Amendment 19 of the LIBE opinion) Article 2 – point 3 – point a a (new) amending Directive 2002/58/EC Article 4 – paragraphs 1 a and 1 b (new)

(aa) the following paragraphs shall be inserted: '1a. Without prejudice to the provisions of Directive 95/46/EC and' Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks [OJ L 105, 13.4.2006, p. 54.], these measures shall include: - appropriate technical and organisational measures to ensure that personal data can be accessed only by authorised personnel for legally authorised purposes and to protect personal data stored or transmitted against accidental or unlawful destruction, accidental loss or alteration and unauthorised or unlawful storage, processing, access or disclosure; - appropriate technical and organisational measures to protect the network and services against accidental, unlawful or unauthorised usage or interference with or hindering of their functioning or availability; - a security policy with respect to the processing of personal data; - a process for identifying and assessing reasonably foreseeable vulnerabilities in the systems maintained by the provider of electronic communications services, which shall include regular monitoring for security breaches; and - a process for taking preventive, corrective and mitigating action against any vulnerabilities discovered in the process described under the fourth indent and a process for taking preventive, corrective and mitigating action against security incidents that can lead to a security breach. '1b. National regulatory authorities shall be able to audit the' measures taken by providers of publicly available electronic communication services and information society services and to issue recommendations about best practices and performance indicators concerning the level of security which these measures should achieve.

Amendment 124 -

 * (Amendment 21 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 a (new)

'3a. The competent authority shall consider and determine the' 'seriousness of the breach. If the breach is deemed to be serious, the' competent authority shall require the provider of publicly available electronic communications services and the provider of information society services to give an appropriate notification without undue 'delay to the persons affected by the breach. The notification shall' contain the elements described in paragraph 3. The notification of a serious breach may be postponed in cases where the notification may hinder the progress of a criminal investigation related to the serious breach. Providers shall annually notify affected users of all breaches of security that have led to the accidental or unlawful destruction, loss or alteration or the unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community. National regulatory authorities shall also monitor whether companies have complied with their notification obligations under this Article and impose appropriate sanctions, including publication, as appropriate, in the event of a failure to do so.

Amendment 125 -

 * (Amendment 22 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 b (new)

'3b. The seriousness of a breach requiring notification to subscribers' shall be determined according to the circumstances of the breach, such as the risk to the personal data affected by the breach, the type of data affected by the breach, the number of subscribers involved, and the immediate or potential impact of the breach on the provision of services.

Amendment 127

 * (Amendment 24 of the LIBE opinion) Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 4 – subparagraph 1

4. In order to ensure consistency in implementation of the measures referred to in paragraphs 1, 2, 3, 3a, 3b and 3c, the Commission shall, following consultation with the European Data Protection Supervisor, relevant stakeholders and ENISA, recommend technical implementing measures concerning inter alia the measures described in paragraph 1a and the circumstances, format and procedures applicable to information and notification requirements referred to in paragraphs 3a and 3b. The Commission shall involve all relevant stakeholders, particularly in order to be informed of the best available technical and economic methods for improving the implementation of this Directive.

Amendment 135 +

 * (Amendment 33 of the LIBE opinion) Article 2 – point 5 b(new) amending Directive 2002/58/EC Article 14 – paragraph 3

(5b) Article 14(3) shall be replaced by the following: "3. Where required, measures may be adopted to ensure that terminal equipment is constructed in a way that is compatible with the right of users to protect and control the use of their personal data, in accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of 22 December 1986 on standardisation in the field of information technology and communications. Such measures shall respect the principle of technology neutrality."

Amendment 157 ++

 * Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by IND/DEM

(bb) Protection software Member States shall ensure that national regulatory authorities are able to require operators to make available free of charge to their subscribers reliable, easy-to-use, and freely and fully configurable protection and/or filtering software to prevent access by children or vulnerable people to content unsuitable to them. Traffic monitoring data that this software may collect is for the sole use of the subscriber only.''

Amendment 163 ++

 * Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by GUE/NGL

(bb) Protection software Member States shall ensure that national regulatory authorities are able to require operators to make available free of charge to their subscribers reliable, easy-to-use, and freely and fully configurable protection and/or filtering software to prevent access by children or vulnerable people to content unsuitable to them. Traffic monitoring data that this software may collect is for the sole use of the subscriber only.''

Amendment 166 ++

 * Article 1 – point 19 a (new) amending Directive 2002/22/EC Article 32 a (new) tabled by GUE/NGL

Article 32a ACCESS TO CONTENT, SERVICES AND APPLICATIONS Member States shall ensure that any restrictions to users' rights to access content, services and applications, if they are necessary, shall be implemented by appropriate measures, in accordance with the principles of proportionality, effectiveness and dissuasiveness. These measures shall not have the effect of hindering the development of the information society, in compliance with the Directive 2000/31/EC, and shall not conflict with citizens' fundamental rights, including the right to privacy and the right to due process.

Amendment 174 ++

 * Annex I – Part B – point b b (new) amending Directive 2002/22/EC Annex I – Part B – point b b (new) tabled by Verts/ALE

(bb) Protection software Member States shall ensure that national regulatory authorities are able to require operators to make available free of charge to their subscribers reliable, easy-to-use and freely and fully configurable protection and/or filtering software to prevent access by children or 'vulnerable people to content unsuitable to them. Traffic monitoring' data that this software may collect is for the sole use of the subscriber only.

Amendment 180 +

 * Recital 26 a (new) compromise tabled by PPE-DE, PSE and ALDE

(26a) The processing of traffic data for network and information security purposes, ensuring the availability, authenticity, integrity and confidentiality of stored or transmitted data will enable the processing of such data for the legitimate interest of the data controller for the purpose of preventing unauthorized access and malicious code distribution, stopping the denial of service attacks, 'and damages to computer and electronic communication systems. The' European Network and Information Security Agency (ENISA) should publish regular studies with the purpose of illustrating the types of processing allowed under Article 6 of this Directive.

Amendment 181 +

 * Article 2 – point 4 b (new) amending Directive 2002/58/EC Article 6 – paragraph 6a (new) compromise tabled by PPE-DE, PSE and ALDE

(4b) in Article 6, the following paragraph shall be added: "6a. Without prejudice to compliance with the provisions other than Article 7 of Directive 95/46/EC and Article 5 of this Directive, traffic data may be processed for the legitimate interest of the data controller for the purpose of implementing technical measures to ensure the network and information security, as defined by Article 4 (c) of Regulation (EC) 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency [OJ L 77, 13.3.2004, p. 1.], of a public electronic communication service, a public or private electronic communications network, an information society service or related terminal and electronic communication equipment, except where such interests are overridden by the interests for the fundamental rights 'and freedoms of the data subject. Such processing must be restricted' to that which is strictly necessary for the purposes of such security activity."

Amendment 182 --

 * Recital 28 compromise tabled by ALDE, PPE-DE and PSE

(28) Technological progress allows the development of new applications based on devices for data collection and identification, which may be contactless devices using radio frequencies. For example, Radio Frequency Identification Devices (RFID) use radio frequencies to capture data from uniquely identified tags, which can then be transferred over existing communications networks. The wide use of such technologies can bring considerable economic and social benefits and thus make a powerful contribution to the internal market if their use is acceptable to citizens. To achieve that, it is necessary to ensure that all the fundamental rights of individuals, including the right to privacy and data protection, are safeguarded. When such devices are connected to publicly available electronic communications networks or make use of electronic communications services as a basic infrastructure, the relevant provisions of Directive 2002/58/EC, including those on security, traffic and location data and on confidentiality, should apply.

Amendment 183 -

 * Recital 29 compromise tabled by ALDE, PPE-DE and PSE

(29) A breach of security resulting in the loss or compromising personal data of a subscriber or individual may, if not addressed in an adequate and timely manner, result in substantial harm to users. Therefore, the national regulatory authority or other competent national authority should be notified by the relevant service provider of every security breach without delay. The competent authority should determine the seriousness of the breach and should require the relevant service providers to give an appropriate notification without undue delay to the persons affected by the 'breach, as appropriate. Furthermore, and in cases where there is' an imminent and direct danger for consumers' rights and interests (such as in cases of unauthorized access to the content of e-mails, access to credit card records, etc.), the relevant service providers should, in addition to the competent national authorities, 'immediately notify affected users directly. Finally, providers should' annually notify affected users of all breaches of security under this 'Directive that occurred during the relevant time period. The' notification to the national authorities and to users should include information about measures taken by the provider to address the breach, as well as recommendations for the protection of the users affected.

Amendment 184 -

 * Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3, subparagraph 1a (new) compromise tabled by ALDE, PPE-DE and PSE

Notification of a security breach to a subscriber or individual shall not be required if the provider has demonstrated to the competent authority that it has implemented appropriate technological protection measures, and those measures were applied to the data 'concerned by the security breach. Such technological protection' measures shall render the data unintelligible to any person who is not authorized to access the data.

Amendment 185
'(27a) IP addresses are essential to the working of the internet. They' identify network participating devices, such as computers or mobile 'smart devices by a number. Considering the different scenarios in' which IP addresses are used, and the related technologies which are rapidly evolving, questions have arisen about their use as personal 'data in certain circumstances. The Commission should' therefore conduct a study regarding IP addresses and their use and present such proposals as may be appropriate.
 * Recital 27 a (new) compromise tabled by ALDE, PPE-DE and PSE

Amendment 186 ++

 * Article 2 – point 7 a (new) amending Directive 2002/58/EC Article 18 – paragraph 1 a (new) compromise tabled by ALDE, PPE-DE and PSE

7a)The following paragraph is added to Article 18: "No later than two years from the date of entry into force of Directive 2008/.../EC [amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on consumer protection cooperation], the Commission shall submit to the European Parliament, the Council and the European Economic and Social Committee a report, based on an in-depth study, with recommendations on standard uses of IP addresses and the application of the ePrivacy and Data Protection Directives as regards their collection and further processing, following the consultation of the EDPS, the Article 29 Working Party, and other stakeholders to include industry representatives."

Amendment 187 +

 * Article 2 – point 3 – point b amending Directive 2002/58/EC Article 4 – paragraph 3 compromise tabled by ALDE, PPE-DE and PSE

3. In case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community, the provider of publicly available electronic communications services, as well as any undertaking operating on the internet and providing services to consumers, which is the data controller and the provider of information society services shall, without undue delay, notify the national regulatory authority or the competent authority according to the individual law of the Member State of such a breach. The notification to the competent authority shall at least describe the nature of the breach and recommend measures to mitigate its possible negative effects. The notification to the competent authority shall, in addition, describe the consequences of and the measures taken by the provider to address the breach. The provider of publicly available electronic communications services, as well as any undertaking operating on the Internet and providing services to consumers, which is the data controller and the provider of information society services, shall notify their users beforehand to avoid imminent and direct danger to the rights and interests of consumers.

Amendment 190 -

 * Recital 14 c (new) compromise tabled by ALDE, PPE-DE and PSE replace Amendment 13

(14c) Directive 2002/22/EC is without prejudice to reasonable and non-discriminatory network management by providers.

Amendment 191 -

 * Recital 12 c (new) compromise tabled by ALDE, PPE-DE and PSE replace Amendment 9

(12c) In order to address public interest issues with respect to the use of communications services, and to encourage protection of the rights and freedoms of others, the relevant national authorities should be able to produce and have disseminated, with the aid of providers, public interest information related to the use of 'communications services. This information should include public' interest warnings regarding copyright infringement, other unlawful uses and dissemination of harmful content, and advice and means of protection against risks to personal security, which may for example arise from disclosure of personal information in certain 'circumstances, privacy and personal data. The information could be' coordinated by way of the cooperation procedure established in 'Article 33(2a) of Directive 2002/22/EC. Such public interest' information should be updated whenever necessary and it should be presented in easily comprehensible printed and electronic formats, as determined by each Member State, and on national public authority 'websites. National regulatory authorities should be able to oblige' providers to disseminate this standardised information to all their customers in a manner deemed appropriate by the national regulatory 'authorities. Significant additional costs incurred by service' providers for dissemination of such information should be agreed between the providers and the relevant authorities and met by those 'authorities. The information should also be included in contracts.'

Amendment 192

 * Recital 25 compromise tabled by ALDE, PPE-DE and PSE

(25) In order to overcome existing shortcomings in terms of consumer consultation and appropriately address the interests of citizens, Member States should put in place appropriate consultation mechanisms. Such mechanisms could take the form of a body which would, independently from the national regulatory authority as well as from service providers, carry out research on consumer-related issues, such as consumer behaviour and mechanisms for changing suppliers, and which would operate in a transparent manner and contribute to the existing mechanisms for stakeholders’ consultation. Furthermore, a mechanism should be established for the purpose of enabling appropriate cooperation on issues relating to the promotion 'of lawful content. Any cooperation procedures agreed pursuant to such' a mechanism should however not allow for systematic surveillance of internet usage. Where there is a need to address the facilitation of the access to and use of electronic communications services and terminal equipment for disabled users, and without prejudice to Directive 1999/5/EC of the European Parliament and of the Council of 9 March 1999 on radio equipment and telecommunications terminal equipment and the mutual recognition of their conformity and in particular the disability requirements pursuant to its Article 3(3)(f), the Commission should be able to adopt implementing measures.

Amendment 193 -

 * Article 1 – point 13 – point b amending Directive 2002/22/EC Article 22 – paragraph 3 compromise tabled by ALDE, PPE-DE and PSE replace Amendment 81

3. A national regulatory authority may issue guidelines setting minimum quality of service requirements, and, if appropriate, take other measures, in order to prevent degradation of service and slowing of traffic over networks, and to ensure that the ability of users to access or distribute content or to run applications and 'services of their choice is not unreasonably restricted. Those' guidelines or measures shall take due account of any standards issued under Article 17 of Directive 2002/21/EC (Framework Directive). The Commission may, having examined such guidelines or measures and consulted [xxx], adopt technical implementing measures in that regard if it considers that the guidelines or measures may create a barrier 'to the internal market. Those' measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2).

Amendment 194 --

 * Recital 14 b (new) compromise tabled by PPE-DE and PSE

(14b) In the absence of relevant rules of Community law, content, applications and services are deemed lawful or harmful in accordance 'with national substantive and procedural law. It is a task for the' relevant authorities of the Member States, not for providers of electronic communications networks or services, to decide, in accordance with due process, whether content, applications or 'services are lawful or harmful or not. Directive 2002/22/EC is' without prejudice to Directive 2000/31/EC (Directive on electronic commerce), which inter alia contains a "mere conduit" rule for 'intermediary service providers. Directive 2002/22/EC does not require' providers to monitor information transmitted over their networks or to take punitive action or legal prosecution against their customers due to such information, nor does it make providers liable for the 'information. Responsibility for any such punitive action or legal' prosecution remains with the relevant law enforcement authorities.