Security protocols applying to the communications and data of the Commission and its agencies
15.10.2020
Question for written answer E-005634/2020/rev.1
to the Commission
Rule 138
Eva Kaili (S&D)
The Commission and its agencies exchange privileged and sensitive information relating to the EU’s policy‑making process and interinstitutional dialogue. In recent months, videoconferencing and digital communications have replaced physical meetings, but there are no guarantees that these communications are secure and invulnerable.
Communications between EU officials – especially at the highest levels – must be secure and invulnerable to ensure that interinstitutional exchanges of sensitive information can take place without risks across all transmission channels.
A recent breach of 1 200 accounts of elected officials and staff at Parliament reinforces the need for higher standards of operational security as regards telecommunications and data storage.
In the light of the above, can the Commission answer the following questions:
- 1.Has an assessment of the level of safety of the telecommunication lines of the Commission and its agencies been carried out?
- 2.What are the applicable operational standards of security and encryption of telecommunications and digital communications for the Commission, its agencies and staff?
- 3.Is the data produced by the Commission and its agencies stored locally or does it flow to servers outside the EU? Are any private vendors providing data storage capacity, and if so, what standards apply to them and how are they monitored?