Council opts to limit role of proposed European information security agency
The EU Telecommunications Council has approved Commission plans for the creation of a European network and information security agency, but decided that it should act simply as an advisory body. The Council agreed on a general approach to the creation of the agency during a meeting in Brussels on 5 June, pending the outcome of the European Parliament's first reading of the draft proposal. The agency will advise the Commission and Member States on how to combat the threat of cyber crime, and will consult with national regulatory authorities to help them meet information security requirements laid out in Community legislation. In the original Commission proposal, the envisaged role of the agency also included coordination and standardisation functions, such as the promotion of security standards and certification schemes, but it is now likely that such references will be dropped from the final text. The Council also made changes to the proposed composition of the agency's management board, which is now set to include a representative from each Member State, three Commission appointed members, and non-voting representatives from industry, consumer groups and academia. The general approach was agreed on with two abstentions from the UK and German delegations.