Together with other industry associations, EuroISPA is calling on EU Member States to allow the continuation of current Child Sexual Abuse detection practices.
Building on our previous joint statement welcoming the extension of the temporary ePrivacy Directive derogation, we reaffirm that proactive measures against CSA have been instrumental in protecting children online over the past decade.
Brussels, 21 November 2024 – EuroISPA, the pan-European association of Internet Services Providers (ISPs) associations, elects new Board configuration during the General Meeting held on November 21, 2024, in Brussels.
EuroISPA is the representative body of over 3,300 Internet Services Providers across the European continent. Since 1997, EuroISPA functions as an ‘umbrella’ association representing ISP associations on policy and legislative issues and facilitates the exchange of best practices between members.
EuroISPA Council members gathered in Brussels for their last General Meeting of 2024, which saw the election of new members of the Board. Dalia Coffetti, of EuroISPA’s Italian member AIIP, was unanimously elected Board Member. She joins Elina Ussa (FiCom, President), Lars Steffen (eco, Vice-President), Alex de Joode (AMS-IX, Treasurer), and Romain Bonenfant (FFTélécoms, Board Member), who have been reconfirmed in their respective roles for another mandate of 2 years. The new Board will be leading the Association’s work until the end of 2026.
Dalia Coffetti, newly elected EuroISPA Board Member on behalf of AIIP, stated: “I am honoured to be chosen to serve in the Board of EuroISPA, to actively contribute to the day-to-day activities of the Association and promote the interests of its members. I am looking forward to sharing the experience, vision and needs of all ISPs daily engaged in the digitalisation of the European Union and who, over the last decades, have contributed to building a competitive and innovative ecosystem that is close to the needs of European consumers”.
EuroISPA is committed to fostering the growth of an innovative and fair European Internet ecosystem, encouraging the continued development of a free and open telecommunications market, as highlighted in the EuroISPA Manifesto for the EU 2024-2029 Mandate. The work of the Association in 2025 will focus on engaging with newly-elected EU policymakers to work together towards achieving a fully functioning internal market, a long-term vision on privacy online, a harmonised European strategy for cybersecurity, and legislative coherence for digital infrastructure.
Elina Ussa, re-appointed President of the Association, said: “I am honoured by the trust that EuroISPA members have decided to put in me once again. I am looking forward to continuing working with this dedicated group of Officers to contribute to the ambitious goals that we have put forward in our Manifesto. Continuity in leadership will be beneficial to the work of the Association in times of changing EU landscape our members are navigating in. I am also delighted to welcome Dalia to the Board of EuroISPA, our members can count on one more expert to lead the Association into 2025 and beyond”.
/
What steps can be taken so that the telecoms sector is a frontrunner in achieving Europe’s sustainability goals? How can we ensure a sustainable and climate neutral digitalisation in Europe?
EuroISPA puts forward 5 key actions to address sustainability challenges for the digital ecosystem and European economy:
/
In a joint statement addressed to the European Data Protection Board (EDPB), EuroISPA and 14 leading European and national trade associations urge the EDPB to adopt a balanced and pragmatic interpretation of GDPR. A thoughtful look into the interplay of the GDPR and the AI Act will be key to make AI “made in Europe” a reality.
EuroISPA welcomes the work and efforts of the European Commission’s High-Level Group (HLG) on access to data for effective law enforcement on promoting a high level of security and an effective approach to fighting
crime and other challenges through the proposed 42 Recommendations.
Earlier this year, the European Commission’s High-Level Group (HLG) on access to data for effective law enforcement out forward 42 recommendations for the further development of EU policies and legislation to enhance and improve access to data for effective law enforcement.
In anticipation of the upcoming discussions of the HLG at the end of the year, EuroISPA would like to take this opportunity to react and give constructive feedback to the recommendations, highlighting some elements that require a careful approach besides further thinking.
EuroISPA welcomes the work and efforts of the Group in promoting a high level of security and an effective approach to fighting crime and other challenges through the proposed 42 Recommendations.
However, EuroISPA is concerned with some proposed recommendations that could weaken encryption, which is a fundamental tool to protect European citizens’ fundamental right to privacy.
Moreover, we underline the need to carefully assess any further measures that can put more burden on European actors, especially the smallest ones.
Finally, any additional measures should take into account the complex value chain that characterises the different ECSs (Electronic Communications Services); any unclear measure might lead to loopholes, further uncertainty when conducting business, as well as threats to the security and the integrity of networks.
The debate surrounding Belgium’s data retention legislation is far from over, despite recent decisions by the Constitutional Court. While some elements of the law have been upheld, the future of this legislation now hinges on the rulings of the European Court of Justice (ECJ) regarding the remaining contested sections. ISPA Belgium is closely following these developments as they have a direct impact on our members and the broader internet ecosystem in Belgium.
Belgium’s data retention law, which seeks to comply with a European directive aimed at retaining mobile phone data, has faced significant legal hurdles over the years. In 2015, the Belgian Constitutional Court annulled the original legislation, deeming it too vague after a legal challenge by the Human Rights League, among others. A second attempt in 2021 was also struck down by the Court.
Now, the latest ruling by the Constitutional Court on the 2022 version of the data retention law shows some movement in the right direction. Certain key aspects were approved this time, including the concept of targeted data retention within specific geographical zones, also known as differentiated data retention. This provision allows for data retention in zones where there is heightened risk of serious crime or threats to public safety, a change from earlier laws that treated the entire country as a single entity.
It is true that some legal guidelines have been established, providing much-needed reassurance for the ISP sector. However, with some aspects of the law still lacking clarity, unresolved issues pose technical challenges and create legal uncertainty for the internet ecosystem.
As a matter of fact, the future of Belgium’s data retention framework is still undecided. The Constitutional Court has referred several questions to the ECJ for clarification, particularly around how the EU Charter of Fundamental Rights should be interpreted in this context.
A major area of concern for Belgian ISPs remains the issue of retaining geolocation data by mobile network operators. While the need for balance between ensuring public safety and upholding fundamental rights is recognised, the outcome of the ECJ rulings will play a decisive role in shaping how this balance is achieved, also on this aspect.
The legal landscape for data retention in Belgium continues to evolve, with both progress and uncertainties on the horizon. The focus of ISPA Belgium is to remain engaged in these discussions, and to ensure that the rights of citizens are respected while addressing the technical and legal challenges that our members face. As we await further developments from the ECJ, our commitment to advocating for balanced and effective policies remains steadfast.
It is crucial that the need to combat crime does not come at the cost of citizens’ fundamental right to privacy. ISPA remains committed to advocating for balanced, well-defined legislation that safeguards both public security and privacy.
ISPA Belgium
EuroISPA Council Member
Brussels, September 23-24, 2024
With the European elections now behind us, a new insitutional and political scenario slowly forming, and an entire EU agenda still to shape, our members gathered to discuss the next steps for EuroISPA to expand its connections with newly-elected EU policymakers and contribute to new (and old) policy files that will be on the agenda in the next months.
The two-day meeting covered:
📌 The confirmation of Whalebone as a new EuroISPA Industry Forum member
📌 An analsys of the proposed new college of Commissioners and what this means for EuroISPA’s activities
📌 EuroISPA’s engagement strategy to approach new policymakers and share our messages for the new EU mandate
📌 Exchange on several EuroISPA statements on topics such as sustainability, GDPR, AI, CSAM and payments.
Finally, we had the pleasure of welcoming several guest speakers:
The next EuroISPA General Meeting will be held in Brussels in November – stay tuned!
Brussels, 25 September 2024 – EuroISPA, the pan-European association of Internet Services Providers Associations welcomes a new Forum member: Whalebone, a Czech developer of user-centric cybersecurity products. With Whalebone’s addition, EuroISPA’s Industry Forum currently allows ten companies with a legitimate interest in the Internet industry to participate in EuroISPA’s activities, acting in an advisory capacity and providing input on relevant policy issues.
Lorenzo Bracci, Account Executive at Whalebone, commented: “We are pleased to begin a collaboration of Whalebone with EuroISPA. As consortium leader of the DNS4EU project, Whalebone commits to the shared vision of a safe, private, and independent European digital space, thus opening new opportunities to both ISPs and their customers”.
EuroISPA is the representative body of Internet Services Providers (ISPs) across the European continent, creating a common voice aimed at promoting and protecting the interests of its members. Active since 1997, EuroISPA functions as an ‘umbrella’ association representing ISP associations on policy and legislative issues and facilitates the exchange of best practices between members.
Elina Ussa, President of EuroISPA, said: “We are delighted that Whalebone is joining our community as the newest addition to the EuroISPA Industry Forum. At EuroISPA, we highly value the input of companies, and we believe that Whalebone, with their extraordinary work on cybersecurity, will bring a topical perspective and represent a great addition to the activities of the Forum. This valuable enlargement of our membership strengthens our position as a prominent stakeholder and representative body in the sector”.
Established in 2016 in the Czech Republic with the goal of redefining digital security, Whalebone has since become the official provider of secure DNS resolution for the European Union and a globally recognised market leader in telco network security. Whalebone develops user-centric cybersecurity products for telcos, ISPs, and enterprises, and provides digital life protection to millions of everyday Internet users without the need to download anything.
Richard Malovic, CEO at Whalebone, added: “We believe that Whalebone contributes to a new standard, where the Internet connection itself would be the guarantor of security, and thus to be connected will mean to be protected”.
About Whalebone
Whalebone brings next-generation digital life protection to T1 telcos, regional ISPs, and enterprises all over the world. Their products already protect more than 400 companies and millions of their customers from malware, phishing schemes, and other malicious attacks targeted at all types of Internet-connected devices. Whalebone’s mission is to bring cybersecurity to 1 billion Internet users by the end of the decade.
For more information: [email protected]
Brussels, 10 September 2024 – EuroISPA, the pan-European association of Internet Services Providers Associations, officially welcomed its new Forum member Point Topic Ltd, a London-based broadband market intelligence house. With Point Topic’s addition, EuroISPA’s Industry Forum can now rely on nine companies active in the Internet industry to participate in the Association’s activities under an advisory capacity.
EuroISPA is the representative body of Internet Services Providers (ISPs) across the European continent. Founded in 1997, EuroISPA functions as an ‘umbrella’ association representing nine national ISP associations on policy and legislative issues and facilitates the exchange of best practices between members. EuroISPA engages at EU level on behalf of its members on a wide range of policy issues, including intermediary liability, data protection, cybersecurity and safer Internet. The association is structured around different, topical, Committees, which allow members to regularly exchange ideas and views on specific policy matters and dossiers.
“Joining EuroISPA is an essential step for Point Topic in strengthening our commitment to the development of a robust and fair Internet services framework in Europe. We are excited to contribute our data-driven insights and collaborate with fellow EuroISPA Industry and Council members to foster an environment conducive to innovation and competitiveness,” said Oliver Johnson, CEO of Point Topic.
Point Topic has been at the heart of European broadband data for many years. In addition to regular data gathering and analysis for a range of private sector clients, the company has run numerous projects for the European Commission and still contributes to the Broadband Coverage in Europe study with the latest in the annual series published recently.
Elina Ussa, President of EuroISPA, said: “We are delighted to be welcoming Point Topic as the newest addition to the EuroISPA Industry Forum. Thanks to their extensive research and broad client base that includes ISPs, operators, policymakers, and academic institutions, I am confident that Point Topic will provide valuable advice to EuroISPA’s Council members, actively contributing to and enhancing our discussions on the policy issues impacting the European Internet industry and supporting us in achieving our goal of defending the interests of European ISPs at EU level”.
“At the core of what we do every day is bringing more broadband to more people. We make a small but important and ongoing contribution to the spread of high bandwidths and all the benefits that come with it. We believe our values align well with EuroISPA and their members and we are committed to supporting EuroISPA’s goals and collaborating towards a prosperous and interconnected European digital future together,” concluded Johnson.
About Point Topic Ltd
Founded in 1998, Point Topic specialises in providing high-quality data and analysis on global broadband development. Celebrating its 25th year, Point Topic continues to be a key resource for industry data, influencing strategic decisions across the UK and Europe. Learn more at www.point-topic.com.
For more information: [email protected]
As part of the negotiations on the Commission’s proposal for a regulation on payment services, the liability of electronic communications operators and more generally of technical intermediaries, including digital platforms, in the context of bank fraud has been raised in different fora. This is triggered by an increase in fraudulent practices based on impersonation to deceive bank customers using electronic means of communication. For example, one of the growing vectors of bank fraud concerns the theft of telephone numbers (number spoofing). By fraudulently using a number assigned to a bank or payment service provider (bank advisor number or credit card opposition centre), the fraudster lowers the customer’s level of distrust and deceives them to obtain confidential information (access codes, bank card number, etc.).
Electronic communications operators, notably faced with the misunderstanding of fraud victims, are already incentivised to fight such practices and ensure trust in the use of telephone numbers. Several national initiatives, whether voluntary or imposed by law, have been launched in this regard. For example, in France, the Naegelen law, adopted in July 2020 to combat illegal cold calling, requires operators to ensure the authenticity of numbers from the numbering plan established by the national regulatory authority when they are used as caller ID for calls and messages received by their end-user customers.
Despite these efforts, which must continue, fraudsters remain innovators by nature, which means that fraud is rapidly evolving to circumvent any technical obstacles put in place.
This is why attempts to shift the legal and financial liability of such bank fraud cases away from payment service providers to technical intermediaries would not bring any additional result in the effective fight against these fraudulent practices. On the contrary, this would certainly lower the incentive for payment service providers to secure their services through state-of-the-art technologies and endanger the very principles governing the functioning of electronic communications services: electronic communications operators do not have visibility or control over the contents of communications on their networks, hence cannot be held liable for reprehensible acts committed using their networks. Overall, this would conflict with provisions of existing EU law applying to electronic communication operators (such as European Electronic Communications Code or ePrivacy and net neutrality) and platforms (such as the Digital Services Act).
But this does not imply that nothing can be done: cooperation at EU level among all parties involved in the fight against bank fraud (including operators, digital service providers, payment service providers, banks, customers’ associations, telecom regulators, and banking supervisors) could be strengthened and structured to identify and qualify trends in bank frauds, promote best practices in technical remediation, seek interoperability in telephone number authentication systems, and better inform customers for them to make better decisions when using payment services.
Remedying new forms of bank fraud requires a collective effort from the digital and the banking sector – the EU should not miss the opportunity to make it happen. It should ensure the Payment Services Regulation remains proportionate and incentivise efficient cooperation between the banking sector and the electronic communications sector, while duly considering the roles of each player in the value chain and without transfer of liability.
Romain Bonenfant
EuroISPA Board Member
Managing Director, Fédération Française des Télécoms