Dear colleagues,
I've been asked to encourage you to respond to a short survey by ENISA, which
will take approximately 15 minutes of your time.
The European Electronic Communications Code (EECC) contains some provisions
regarding outreach to costumers and consumers regarding potential cybersecurity
threats security incidents and what they can or need to do.
Or in the text of the EECC itself (Art, 40, par. 3):
“Member States shall ensure that in the case of a particular and significant
threat of a security incident in public electronic communications networks or
publicly available electronic communications services, providers of such
networks or services shall inform their users potentially affected by such a
threat of any possible protective measures or remedies which can be taken by
the users. Where appropriate, providers shall also inform their users of the
threat itself.”
Amongst its goals, the survey aims to identify:
• Effective solutions and good practices of the cybersecurity consumer
outreach by electronic communication providers.
• Methods of authorities for supporting the development of customer
outreach on cybersecurity.
If you have any examples to share, please participate in the survey.
Although this survey is organised by ENISA, it is not uncommon for the results
of these surveys to form the basis for legislative proposals by the Commission.
In that context it is always useful to provide input about industry practices
and position in these early stages and be able to inform policy makers about
the things that work and the things where change might be needed.
The survey can be found at
https://ec.europa.eu/eusurvey/runner/ElectronicCommunicationsProvidersConsumerOutreach2021
It will close on 20 May 2021, so unfortunately not much time to develop a
common position. I would recommend you contribute to this survey on an
individual basis.
Best,
Marco Hogewoning
Manager Public Policy and Internet Governance
RIPE NCC
