Index 
 Previous 
 Next 
 Full text 
Procedure : 2007/0248(COD)
Document stages in plenary
Document selected : A6-0318/2008

Texts tabled :

A6-0318/2008

Debates :

PV 02/09/2008 - 10
CRE 02/09/2008 - 10

Votes :

PV 24/09/2008 - 10.1
CRE 24/09/2008 - 10.1
Explanations of votes
Explanations of votes

Texts adopted :

P6_TA(2008)0452

Texts adopted
PDF 581kWORD 310k
Wednesday, 24 September 2008 - Brussels
Electronic communications networks and services, protection of privacy and consumer protection ***I
P6_TA(2008)0452A6-0318/2008
Resolution
 Consolidated text
 Annex
 Annex
 Annex

European Parliament legislative resolution of 24 September 2008 on the proposal for a directive of the European Parliament and of the Council amending Directive 2002/22/EC on universal service and users" rights relating to electronic communications networks, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on consumer protection cooperation (COM(2007)0698 – C6-0420/2007 – 2007/0248(COD))

(Codecision procedure: first reading)

The European Parliament,

–   having regard to the Commission proposal to the European Parliament and the Council (COM(2007)0698),

–   having regard to Article 251(2) and Article 95 of the EC Treaty, pursuant to which the Commission submitted the proposal to Parliament (C6-0420/2007),

–   having regard to Rule 51 of its Rules of Procedure,

–   having regard to the report of the Committee on the Internal Market and Consumer Protection and the opinions of the Committee on Economic and Monetary Affairs, the Committee on Industry, Research and Energy, the Committee on Culture and Education, the Committee on Legal Affairs and the Committee on Civil Liberties, Justice and Home Affairs (A6-0318/2008),

1.  Approves the Commission proposal as amended;

2.  Calls on the Commission to refer the matter to Parliament again if it intends to amend the proposal substantially or replace it with another text;

3.  Instructs its President to forward its position to the Council and Commission.


Position of the European Parliament adopted at first reading on 24 September 2008 with a view to the adoption of Directive 2008/.../EC of the European Parliament and of the Council amending Directive 2002/22/EC on universal service and users" rights relating to electronic communications networks, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on consumer protection cooperation
P6_TC1-COD(2007)0248

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty establishing the European Community, and in particular Article 95 thereof,

Having regard to the proposal from the Commission ║,

Having regard to the opinion of the European Economic and Social Committee(1),

Having regard to the opinion of the Committee of the Regions(2),

After having consulted the European Data Protection Supervisor(3),

Acting in accordance with the procedure laid down in Article 251 of the Treaty(4),

Whereas:

(1)  The functioning of Directives 2002/19/EC of the European Parliament and of the Council of 7 March 2002 on access to, and interconnection of, electronic communications networks and associated facilities (Access Directive)(5), 2002/20/EC of the European Parliament and of the Council of 7 March 2002 on the authorisation of electronic communications networks and services (Authorisation Directive)(6), 2002/21/EC of the European Parliament and the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive)(7), 2002/22/EC of the European Parliament and the Council of 7 March 2002 on universal service and users' rights relating to electronic communications networks and services (Universal Service Directive)(8) and 2002/58/EC of the European Parliament and the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)(9), which constitute the existing regulatory framework for electronic communications networks and services, is subject to periodic review by the Commission, with a view in particular to determining the need for modification in the light of technological and market developments.

(2)  In that regard, the Commission presented its findings in its Communication to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions of 29 June 2006 on the Review of the EU Regulatory Framework for electronic communications networks and services.

(3)  The reform of the EU regulatory framework for electronic communications networks and service, including the reinforcement of provisions for users with disabilities, represents a key step towards achieving a Single European Information Space and at the same time an inclusive information society. These objectives are included in the strategic framework for the development of the information society as described in the ║ Communication of the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions of 1 June 2005 entitled "i2010 ‐ A European Information Society for growth and employment".

(4)  The universal service is a protective network for people whose financial resources, geographical location or special social needs do not permit them to access the basic services available to the majority of citizens. The basic universal service obligation laid down in Directive 2002/22/EC is to provide users who so request with a connection to the public telephone network from a fixed location and at an affordable price. As a result, it addresses neither mobile services nor broadband access to the Internet. This basic obligation is now confronted by technological and market developments in which mobile communications may be the primary form of access in many areas and networks are increasingly adopting the technology associated with mobile and broadband communications. These developments raise a need to assess whether the technical, social and economic conditions justifying the inclusion of mobile communications and broadband access in the universal service obligation are fulfilled, as well as related financing aspects. To this end, the Commission will present, no later than autumn 2008, a review of the scope of the universal service obligation and proposals for reform of Directive 2002/22/EC to meet the appropriate public interest objectives. That review will take account of economic competitiveness and include an analysis of social, commercial and technological conditions and of the risk of social exclusion. It will also address the technical and economic viability, estimated cost, cost allocation and funding models for any redefined universal service obligation. As questions relating to the scope of the universal service obligation will therefore be fully dealt with in that separate procedure, this Directive only deals with other aspects of Directive 2002/22/EC.

(5)  For the sake of clarity and simplicity, the present act only deals with the amendments to Directives 2002/22/EC and 2002/58/EC.

(6)  Without prejudice to Directive 1999/5/EC of the European Parliament and of the Council of 9 March 1999 on radio equipment and telecommunications terminal equipment and the mutual recognition of their conformity(10), and in particular the disability requirements laid down in Article 3(3)(f) thereof, certain aspects of terminal equipment, including equipment intended for disabled users, should be brought within the scope of Directive 2002/22/EC in order to facilitate access to networks and the use of services. Such equipment currently includes receive-only radio and television terminal equipment as well as special terminal devices for hearing-impaired users.

(7)  Member States should introduce measures to promote the creation of a market for widely available products and services incorporating facilities for disabled users. This can be achieved inter alia by referring to European standards, by introducing electronic accessibility (eAccessibility) requirements for public procurement procedures and the provision of services relating to calls for tender, and by implementing legislation upholding the rights of the disabled.

(8)  Definitions need to be adjusted so as to conform to the principle of technology neutrality and to keep pace with technological development. In particular, conditions for the provision of a service should be separated from the actual definitional elements of a publicly available telephone service, i.e. an electronic communications service available to the public for originating and receiving, directly or indirectly via carrier selection or pre-selection or resale, national and/or international calls and means of communication specifically intended for disabled users using text relay or total conversation services through a number or numbers in a national or international telephone numbering plan, whether such a service is based on circuit switching or packet switching technology. It is the nature of such a service that it is bidirectional, enabling both parties to communicate. A service which does not fulfil all these conditions, such as for example a "click-through" application on a customer service website, is not a publicly available telephone service.

(9)  It is necessary to clarify the application of certain provisions to take account of situations where a service provider resells or re-brands publicly available telephone services provided by another undertaking.

(10)  As a result of technological and market evolutions, networks are increasingly moving to the "Internet Protocol" (IP) technology and consumers are increasingly able to choose between a range of competing voice service providers. Therefore, Member States should be able to separate universal service obligations concerning the provision of a connection to the public communications network at a fixed location from the provision of a publicly available telephone service (including calls to emergency services via the number "112"). Such separation should not affect the scope of universal service obligations defined and reviewed at Community level. Member States that use other national emergency numbers besides "112" may impose on undertakings similar obligations for access to those national emergency numbers.

(11)  National regulatory authorities should be able to monitor the evolution and the level of retail tariffs for services that fall under the scope of universal service obligations even when a Member State has not yet designated an undertaking to provide universal service.

(12)  Redundant obligations designed to facilitate the transition from the old regulatory framework of 1998 to the one of 2002 should be deleted, together with other provisions that overlap with and duplicate those laid down in Directive 2002/21/EC.

(13)  The requirement to provide a minimum set of leased lines at retail level, which was necessary to ensure the continued application of provisions of the regulatory framework of 1998 in the field of leased lines, which was not yet sufficiently competitive at the time the 2002 framework entered into force, is no longer necessary and should be repealed.

(14)  Continuing to impose carrier selection and carrier pre-selection directly by Community legislation could hamper technological progress. These remedies should rather be imposed by national regulatory authorities as a result of market analysis in accordance with the procedures in Directive 2002/21/EC.

(15)  The provisions on contracts should apply not only to consumers but also to other end-users, primarily micro enterprises and small and medium-sized enterprises (SMEs), which may prefer a contract adapted to consumer needs. To avoid unnecessary administrative burdens on providers and complexity related to the definition of SMEs, the provisions on contracts should not apply automatically to those other end-users, but only where they so request. Member States should take appropriate measures to promote awareness amongst SMEs of this possibility.

(16)  Providers of electronic communications services should ensure that their customers are adequately informed as to whether or not access to emergency services and caller location information is provided, and are given clear and transparent information in the initial customer contract and at regular intervals thereafter, for example in customer billing information. This information should include any limitations as to territorial coverage, on the basis of the planned technical operating parameters of the service and the available infrastructure. Where the service is not provided over a switched telephony network, the information should also include the level of reliability of the access and of caller location information compared to a service that is provided over a switched telephony network, taking into account current technology and quality standards, as well as any quality of service parameters specified under Directive 2002/22/EC. Voice calls remain the most robust and reliable form of access to emergency services. Other means of contact, such as text messaging, may be less reliable and may suffer from lack of immediacy. Member States should however, if they deem it appropriate, be free to promote the development and implementation of other means of access to emergency services which are capable of ensuring access equivalent to voice calls. Customers should also be kept well informed of possible types of action that the provider of electronic communications service may take to address security threats or in response to a security or integrity incident, since such actions could have a direct or indirect impact on the customer's data, privacy or other aspects of the service provided.

(17)  With respect to terminal equipment, the customer contract should specify any restrictions imposed by the provider on the customer's use of such equipment, such as by way of "SIM-locking" mobile devices, and any charges due on termination of the contract, whether before or on the agreed expiry date, including any cost imposed in order to retain the equipment.

(18)  Without imposing any obligation on the provider to take action over and above what is required under Community law, the customer contract should also specify the type of action, if any, the provider might take in case of security or integrity incidents, threats or vulnerabilities, as well as any arrangements implemented by the provider to provide compensation if such events occur.

(19)  In order to address public interest issues with respect to the use of communications services, and to encourage protection of the rights and freedoms of others, the relevant national authorities should be able to produce and have disseminated, with the aid of providers, public interest information related to the use of communications services. This information should include public interest warnings regarding copyright infringement, other unlawful uses and dissemination of harmful content, and advice and means of protection against risks to personal security, which may for example arise from disclosure of personal information in certain circumstances, privacy and personal data. The information could be coordinated by way of the cooperation procedure established by Article 33(2a) of Directive 2002/22/EC. Such public interest information should be updated whenever necessary and should be presented in easily comprehensible printed and electronic formats, as determined by each Member State, and on the websites of the national public authorities. National regulatory authorities should be able to oblige providers to disseminate this standardised information to all their customers in a manner deemed appropriate by the national regulatory authorities. Significant additional costs incurred by service providers for dissemination of such information should be agreed between the providers and the relevant authorities and met by those authorities. The information should also be included in contracts.

(20)  The right of subscribers to withdraw from their contracts without penalty refers to modifications in contractual conditions which are imposed by the providers of electronic communications networks and/or services.

(21)  Community rules on consumer protection and national rules in conformity with Community law should apply to Directive 2002/22/EC without exception.

(22)  End-users should decide what lawful content they want to be able to send and receive, and which services, applications, hardware and software they want to use for such purposes, without prejudice to the need to preserve the integrity and security of networks and services. A competitive market with transparent offerings as provided for in Directive 2002/22/EC should ensure that end-users are able to access and distribute any lawful content and to use any lawful applications and/or services of their choice, as stated in Article 8 of Directive 2002/21/EC. Given the increasing importance of electronic communications for consumers and businesses, users should in any case be fully informed of any restrictions and/or limitations imposed on the use of electronic communications services by the service and/or network provider. Such information should, at the option of the provider, specify the type of content, application or service concerned, individual applications or services, or both. Depending on the technology used and the type of restriction and/or limitation, such restrictions and/or limitations may require user consent under Directive 2002/58/EC.

(23)  A competitive market should also ensure that users are able to have the quality of service they require, but in particular cases it may be necessary to ensure that public communications networks attain minimum quality levels so as to prevent degradation of service, usage restrictions and/or limitations and the slowing of traffic. Where there is a lack of effective competition, national regulatory authorities should use the remedies available to them under the directives establishing the regulatory framework for electronic communications networks and services to ensure that users" access to particular types of content or applications is not unreasonably restricted. It should also be possible for national regulatory authorities to issue guidelines setting minimum quality of service requirements under Directive 2002/22/EC and to take other measures where such other remedies have, in their judgement, not been effective with regard to the interests of users and all other relevant circumstances. Such guidelines or measures could include the provision of a basic tier of unrestricted services.

(24)  In the absence of relevant rules of Community law, content, applications and services should be deemed lawful or harmful in accordance with national substantive and procedural law. It is the task of the relevant authorities of the Member States, not of providers of electronic communications networks or services, to decide, in accordance with due process, whether or not content, applications and services are lawful or harmful. Directive 2002/22/EC is without prejudice to Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce)(11), which inter alia contains a "mere conduit" rule for intermediary service providers. Directive 2002/22/EC does not require providers to monitor information transmitted over their networks or to bring legal proceedings against their customers on grounds of such information, nor does it make providers liable for that information. Responsibility for punitive action or criminal prosecution remains with the relevant law enforcement authorities.

(25)  Directive 2002/22/EC is without prejudice to reasonable and non-discriminatory network management by providers.

(26)  Since inconsistent remedies will significantly impair the achievement of the internal market, the Commission should assess any guidelines or other measures adopted by national regulatory authorities for possible regulatory intervention across the Community and, if necessary, adopt technical implementing measures in order to achieve consistent application throughout the Community.

(27)  The availability of transparent, up-to-date and comparable tariffs is a key element for consumers in competitive markets with several providers offering services. Consumers of electronic communications services should be able to easily compare prices of various services offered on the market based on tariff information published in an easily accessible form. In order to allow them to make price comparisons easily, national regulatory authorities should have powers to require from operators better tariff transparency and to ensure that third parties have the right to use without charge publicly available tariffs published by undertakings providing electronic communications services. They should also, themselves or through third parties, make price guides available where the market has not provided them free of charge or at a reasonable price. Operators should not be entitled to any remuneration for such use of tariffs where they have already been published and thus belong to the public domain. In addition, users should be adequately informed of the price involved or the type of service offered before they purchase a service, in particular if a freephone number is subject to any additional charges. National regulatory authorities should be able to require that such information is provided generally, and, for certain categories of services determined by them, prior to connecting the call. When determining the categories of call requiring pricing information prior to connection, national regulatory authorities should take due account of the nature of the service, the pricing conditions which apply to it and whether it is offered by a provider who is not a provider of electronic communications services.

(28)  Customers should be informed of their rights with respect to the use of their personal information in directories of subscribers, and in particular of the purpose or purposes of such directories, as well as their right, free of charge, not to be included in a public subscriber directory, as provided for in Directive 2002/58/EC. Where systems exist allowing information to be included in the directory database but not disclosed to users of directory services customers should also be informed of that possibility.

(29)  The Member States should introduce single information points for all user queries. These information points, which could be administered by the national regulatory authorities together with consumer associations, should also be able to provide legal assistance in case of disputes with operators. Access to these information points should be free of charge and users should be informed of their existence by regular information campaigns.

(30)  In future IP networks where provision of a service may be separated from provision of the network, Member States should determine the most appropriate steps to be taken to ensure the availability of publicly available telephone services provided using public communications networks and uninterrupted access to emergency services in the event of catastrophic network breakdown or in cases of force majeure.

(31)  Operator assistance services cover a range of different services for end-users. The provision of such services should be left to commercial negotiations between providers of public communications networks and operator assistance services, as is the case for any other customer support service, and there is no need to continue to mandate their provision. Therefore, the corresponding obligation should be repealed.

(32)  Directory enquiry services should be, and frequently are, provided in competition, pursuant to Article 5 of Commission Directive 2002/77/EC of 16 September 2002 on competition in the markets for electronic communications networks and services(12). Wholesale measures ensuring the inclusion of end-user data (both fixed and mobile) in databases, the cost-oriented supply of that data to service providers and the provision of network access in cost-oriented, reasonable and transparent conditions should be in place in order to ensure that end users benefit fully from competition with the ultimate aim of enabling the removal of retail regulation from these services.

(33)  End-users should be able to call and access the emergency services provided using any telephone service capable of originating voice calls through a number or numbers in the national or international telephone numbering plans. Emergency authorities should be able to handle and answer calls to the number "112" at least as expeditiously and effectively as calls to other national emergency numbers. It is important to increase awareness of "112" in order to improve the level of protection and security of citizens travelling in the European Union. To this end, citizens should be made fully aware that "112" can be used as a single emergency number when travelling in any Member State, in particular through information provided in international bus terminals, train stations, ports or airports and in telephone directories, payphone kiosks, subscriber and billing material. This is primarily the responsibility of the Member States, but the Commission should continue both to support and to supplement initiatives undertaken by the Member States to further awareness of "112" and periodically to assess knowledge of "112" by the public. The obligation to provide caller location information should be strengthened so as to increase the protection of citizens of the European Union. In particular, operators should provide caller location information to emergency services in a "push" mode. In order to respond to technological developments, including those leading to increasingly precise accuracy of location information, the Commission should be able to adopt technical implementing measures in order to ensure the effective implementation of "112" in the Community for the benefit of citizens of the European Union.

(34)  Member States should take specific measures to ensure that emergency services, including "112", are equally accessible to disabled persons, in particular deaf, hearing-impaired, speech-impaired and deaf-blind users. This could involve the provision of special terminal devices to hearing-impaired users, text relay services, or other specific equipment.

(35)  Development of the international code "3883" ▌ (the European Telephony Numbering Space (ETNS)) ▌ is currently hindered by lack of demand, overly bureaucratic procedural requirements and insufficient awareness. In order to foster the development of ETNS, the Commission should delegate responsibility for its management, number assignment and promotion either to the Body of European Regulators in Telecom (BERT) or, following the example of the implementation of the ".eu" top level domain, to a separate organisation, designated by the Commission on the basis of an open, transparent and non-discriminatory selection procedure, and with operating rules which form part of Community law.

(36)  Pursuant to its Decision 2007/116/EC of 15 February 2007 on reserving the national numbering range beginning with '116' for harmonised numbers for harmonised services of social value,(13) the Commission has reserved numbers in the '116' numbering range for certain services of social value. The numbers identified in that Decision cannot be used for purposes other than those set out therein, but there is no obligation for Member States to ensure that services associated with the reserved numbers are actually provided. The appropriate provisions of Decision 2007/116/EC should be reflected in Directive 2002/22/EC in order to integrate them more firmly into the regulatory framework for electronic communications networks and services and to ensure accessibility by disabled end-users as well. Considering the particular aspects related to reporting missing children and the currently limited availability of that service, Member States should not only reserve a number, but also ensure that a service for reporting missing children is actually available in their territories under the number 116000.

(37)  A single market implies that end-users are able to access all numbers included in the national numbering plans of other Member States, and to access services, including Information Society services, using non-geographic numbers within the Community, including among others freephone and premium rate numbers. End-users should also be able to access numbers from ║ ETNS ║ and universal international freephone numbers (UIFN). Cross-border access to numbering resources and to the associated service should not be prevented except in objectively justified cases, such as when this is necessary to combat fraud, and abuse e.g. in connection with certain premium-rate services, or when the number is defined as having a national scope only (e.g. national short code). Users should be fully informed in advance in a clear manner of any charges applicable to freephone numbers, such as international call charges for numbers accessible through standard international dialling codes. In order to ensure that end-users have effective access to numbers and services in the Community, the Commission should be able to adopt implementing measures. End-users should also be able to connect to other end-users (especially via IP numbers) in order to exchange data, regardless of the operator they choose.

(38)  In order to take full advantage of the competitive environment, consumers should be able to make informed choices and to change providers when it is in their interest. It is essential to ensure that they can do so without being hindered by legal, technical or practical obstacles, including contractual conditions, procedures, charges etc. This does not preclude imposing reasonable minimum contractual periods in consumer contracts. Number portability is a key facilitator of consumer choice and effective competition in competitive markets for electronic communications, and should be implemented with the minimum of delay, ordinarily within no more than one day of the request of the consumer. However, experience in certain Member States has shown that there is a risk of consumers being switched without consent. While that is a matter that should primarily be addressed by law-enforcement authorities, Member States should be able to impose such minimum proportionate measures regarding the switching process as are necessary to minimise such risks, without making the process less attractive for consumers. In order to be able to adapt number portability to market and technological evolution, including the possible porting of subscriber's personal directories and profile information stored within the network, the Commission should be able to take technical implementing measures in this area. Assessment of whether technology and market conditions are such as to allow for porting of numbers between networks providing services at a fixed location and mobile networks should in particular take into account prices for users and switching costs for undertakings providing services at fixed locations and mobile networks.

(39)  ▌Legal "must-carry" obligations may be applied ▌to specified radio and audiovisual media services and complementary services supplied by a specified media service provider. Audiovisual media services are defined in Directive 2007/65/EC of the European Parliament and of the Council of 11 December 2007 amending Council Directive 89/552/EEC on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the pursuit of television broadcasting activities(14). Member States should provide a clear justification for the "must carry" obligations ▌so as to ensure that such obligations are transparent, proportionate and properly defined. In that regard, "must carry" rules should be designed in a way which provides sufficient incentives for efficient investment in infrastructure. "Must carry" rules should be periodically reviewed in order to keep them up-to-date with technological and market evolution in order to ensure that they continue to be proportionate to the objectives to be achieved. Complementary services include, but are not limited to, services to improve accessibility for users with disabilities, such as a videotext service, subtitling service, an audio description or sign language.

(40)  In order to overcome existing shortcomings in terms of consumer consultation and appropriately address the interests of citizens, Member States should put in place ▌ appropriate consultation mechanisms. Such mechanisms could take the form of a body which would, independently from the national regulatory authority as well as from service providers, carry out research on consumer-related issues, such as consumer behaviour and mechanisms for changing suppliers, and which would operate in a transparent manner and contribute to the existing mechanisms for stakeholders" consultation. Furthermore, a mechanism should be established for the purpose of enabling appropriate cooperation on issues relating to the promotion of lawful content. Any cooperation procedures agreed pursuant to such a mechanism should however not allow for systematic surveillance of Internet usage. Where there is a need to address the facilitation of the access to and use of electronic communications services and terminal equipment for disabled users, and without prejudice to Directive 1999/5/EC ║ and in particular the disability requirements pursuant to ║ Article 3(3)(f) thereof, the Commission should be able to adopt implementing measures.

(41)  The procedure for out-of-court dispute resolution should be strengthened by ensuring that independent dispute resolution bodies are used, and that the procedure conforms at least to the minimum principles established by Commission Recommendation 98/257/EC of 30 March 1998 on the principles applicable to the bodies responsible for out-of-court settlement of consumer disputes(15). Member States may either use existing dispute resolution bodies for that purpose, provided those bodies meet the applicable requirements, or establish new bodies.

(42)  Obligations imposed on an undertaking designated as having universal service obligations should be notified to the Commission.

(43)  Directive 2002/58/EC provides for the harmonisation of the provisions of the Member States required to ensure an equivalent level of protection of fundamental rights and freedoms, and in particular the right to privacy and the right to confidentiality and security of information technology systems, with respect to the processing of personal data in the electronic communications sector, and to ensure the free movement of such data and of electronic communications equipment and services in the Community.

(44)  The processing of traffic data for network and information security purposes, ensuring the availability, authenticity, integrity and confidentiality of stored or transmitted data, will enable the processing of such data in the legitimate interest of the data controller for the purpose of preventing unauthorized access and malicious code distribution and stopping denial-of-service attacks and damage to computer and electronic communication systems. The European Network and Information Security Agency (ENISA) should publish regular studies with the purpose of illustrating the types of processing allowed under Article 6 of Directive 2002/58/EC.

(45)  When defining the implementing measures on the security of processing, in accordance with the regulatory procedure with scrutiny, the Commission should consult all relevant European authorities and organisations (ENISA, the European Data Protection Supervisor and the Article 29 Working Party) as well as all other relevant stakeholders, particularly in order to be informed of the best available technical and economic methods for improving the implementation of Directive 2002/58/EC.

(46)  The provisions of Directive 2002/58/EC particularise and complement Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data(16) and provide for the legitimate interests of subscribers who are natural or legal persons.

(47)  Liberalisation of electronic communications networks and services markets and rapid technological development have combined to boost competition and economic growth and have resulted in a rich diversity of end-user services accessible via public and private electronic communications networks and publicly accessible private networks.

(48)  IP addresses are essential to the working of the Internet. They identify network participating devices, such as computers or mobile smart devices, by a number. Given the variety of scenarios in which IP addresses are used, and the related technologies which are rapidly evolving, questions have arisen about the use of such addresses as personal data in certain circumstances. The Commission should therefore, on the basis of a study regarding IP addresses and their uses, present such proposals as may be appropriate.

(49)  Technological progress allows the development of new applications based on devices for data collection and identification, which may be contactless devices using radio frequencies. For example, Radio Frequency Identification Devices (RFID) use radio frequencies to capture data from uniquely identified tags, which can then be transferred over existing communications networks. The wide use of such technologies can bring considerable economic and social benefits and thus make a powerful contribution to the internal market if their use is acceptable to citizens. To achieve that, it is necessary to ensure that all fundamental rights of individuals, including the right to privacy and the right to data protection, are safeguarded. When such devices are connected to publicly available electronic communications networks or make use of electronic communications services as a basic infrastructure, the relevant provisions of Directive 2002/58/EC, including those on security, traffic and location data and ║ confidentiality, should apply.

(50)  The provider of a publicly available electronic communications service should take appropriate technical and organisational measures to ensure the security of its services. Without prejudice to Directive 95/46/EC and Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks(17), such measures should ensure that personal data can be accessed only by authorised personnel for legally authorised purposes and that the personal data stored or transmitted as well as the network and services are protected. Moreover, a security policy with respect to the processing of personal data should be established in order to identify vulnerabilities in the system and regular monitoring and preventive, corrective and mitigating action should be carried out.

(51)  National regulatory authorities should monitor measures taken and disseminate best practices among providers of publicly available electronic communications services.

(52)  A breach of security resulting in the loss or compromising personal data of a subscriber or individual may, if not addressed in an adequate and timely manner, result in substantial ▌harm to users. Therefore, the national regulatory authority or other competent national authority should be notified by the relevant service provider of any security breach without delay. The competent authority should determine the seriousness of the breach and should require the relevant service provider to give appropriate notification without undue delay to users affected by the breach. Furthermore, and in cases where there is an imminent and direct danger to consumers' rights and interests (such as in cases of unauthorized access to the content of e-mails, access to credit card records and so on), the relevant service provider should, in addition to the competent national authority, immediately notify affected users directly. Finally, providers should annually notify affected users of all breaches of security under Directive 2002/58/EC that occurred during the relevant time period. The notifications to the national authorities and to users should include information about measures taken by the provider to address the breach, as well as recommendations for the protection of affected users║.

(53)  National regulatory authorities should promote the interests of the citizens of the European Union by inter alia contributing to ensuring a high level of protection of personal data and privacy. To this end, they must have the necessary means to perform their duties, including comprehensive and reliable data about actual security incidents that have led to the personal data of individuals being compromised.

(54)  When implementing measures transposing Directive 2002/58/EC, the authorities and courts of the Member States should not only interpret their national law in a manner consistent with that Directive, but should also ensure that they do not rely on an interpretation of that Directive which would be in conflict with other fundamental rights or general principles of Community law, such as the principle of proportionality.

(55)  Provision should be made for implementing measures to establish a common set of requirements to achieve an adequate level of privacy protection and security of personal data transmitted or processed in connection with the use of electronic communications networks in the internal market.

(56)  In setting detailed rules concerning the format and procedures applicable to the notification of security breaches, due consideration should be given to the circumstances of the breach, including whether or not the personal data had been protected by encryption or other means, effectively limiting the likelihood of identity fraud or other forms of misuse. Moreover, such rules and procedures should take into account the legitimate interests of law enforcement authorities in cases where early disclosure could unnecessarily hamper the investigation of the circumstances of a breach.

(57)  Software that surreptitiously monitors actions of the user and/or subverts operation of the user's terminal equipment for the benefit of a third party (so-called "spyware") poses a serious threat to users" privacy. A high and equal level of protection of the private sphere of users needs to be ensured, regardless of whether unwanted spying programmes are inadvertently downloaded via electronic communications networks or are delivered and installed hidden in software distributed on other external data storage media, such as CDs, CD-ROMs and USB keys. Member States should encourage end-users to take the necessary steps to protect their terminal equipment against viruses and spyware.

(58)  Electronic communications service providers have to make substantial investments in order to combat unsolicited commercial communications ("spam"). They are also in a better position than end-users in possessing the knowledge and resources necessary to detect and identify spammers. Email service providers and other service providers should therefore have the possibility to initiate legal action against spammers for such infringements and thus defend the interests of their customers, as well as their own legitimate business interests.

(59)  Where location data other than traffic data can be processed, such data should be processed only when they are made anonymous or with the prior consent of the users or subscribers concerned, who should be given clear and comprehensive information concerning the possibility of withdrawing their consent at any time.

(60)  The need to ensure an adequate level of protection of privacy and personal data transmitted and processed in connection with the use of electronic communications networks in the Community calls for effective implementation and enforcement powers in order to provide adequate incentives for compliance. National regulatory authorities should have sufficient powers and resources to investigate cases of non-compliance effectively, including the possibility to obtain any relevant information they might need, to decide on complaints and to impose sanctions in cases of non-compliance.

(61)  Cross border cooperation and enforcement should be reinforced in line with existing Community cross border enforcement mechanisms such as that laid down by the Regulation (EC) No 2006/2004 of the European Parliament and of the Council of 27 October 2004 on cooperation between national authorities responsible for enforcement of consumer protection laws (Regulation on consumer protection cooperation)(18) by way of an amendment to that Regulation.

(62)  The measures necessary for the implementation of ║ Directives 2002/22/EC and ║ 2002/58/EC should be adopted in accordance with Council Decision 1999/468/EC of 28 June 1999 laying down the procedures for the exercise of implementing powers conferred on the Commission(19).

(63)  The Commission should, provided that the Treaty of Lisbon amending the Treaty on European Union and the Treaty establishing the European Community(20) enters into force, present to the European Parliament and to the Council a new legislative proposal on privacy and data security in electronic communications, with a new legal basis.

(64)  In particular, the Commission should be empowered to adopt implementing measures on tariff transparency, minimum quality of service requirements, effective implementation of "112" services, effective access to numbers and services, and improvement of accessibility by disabled end-users, as well as amendments to adapt the Annexes to technical progress or changes in market demand. It should also be empowered to adopt implementing measures concerning information and notification requirements as well as cross-border cooperation. Since those measures are of ║ general scope and are designed to amend non-essential elements of Directive 2002/22/EC by supplementing it with new non-essential elements, they must be adopted in accordance with the regulatory procedure with scrutiny provided for in Article 5a of Decision 1999/468/EC. Given that the conduct of the regulatory procedure with scrutiny within the normal time limits could, in certain exceptional situations, impede the timely adoption of implementing measures, the European Parliament, the Council and the Commission should act speedily in order to ensure the timely adoption of those measures.

(65)  The purpose of Directive 2002/22/EC is to ensure a high level of protection of the rights of consumers and individual users in the provision of telecommunications services. Such protection is not required in the case of global telecommunications services. These are corporate data and voice services provided as a package to large undertakings, located in different countries within or outside the EU, on the basis of individual contracts negotiated by parties of equal strength.

(66)  Directives 2002/22/EC and 2002/58/EC should therefore be amended accordingly,

HAVE ADOPTED THIS DIRECTIVE:

Article 1

Amendments to Directive 2002/22/EC

(Universal Service Directive)

Directive 2002/22/EC (Universal Service Directive) is hereby amended as follows:

(1)  Article 1 shall be replaced by the following:"

Article 1

Subject-matter and scope

1.  Within the framework of Directive 2002/21/EC (Framework Directive), this Directive concerns the provision of electronic communications networks and services to end-users. The aim is to ensure the availability throughout the Community of good quality publicly available services through effective competition and choice and to deal with circumstances in which the needs of end-users are not satisfactorily met by the market. This Directive also includes provisions concerning consumer premises terminal equipment, with particular attention being given to terminal equipment for users with special needs, including the disabled and the elderly.

2.  This Directive establishes the rights of end-users and the corresponding obligations on undertakings providing publicly available electronic communications networks and services. With regard to ensuring provision of universal service within an environment of open and competitive markets, this Directive defines the minimum set of services of specified quality to which all end-users have access, at an affordable price in the light of specific national conditions, without distorting competition. This Directive also sets out obligations with regard to the provision of certain mandatory services.

3.  The provisions of this Directive shall apply without prejudice to Community rules on consumer protection, in particular Directives 93/13/EEC and 97/7/EC, and to national rules in conformity with Community law.

"

   2) ║ Article 2 shall be amended as follows:

a)   point (b) shall be deleted;

b)   points (c) and (d) shall be replaced by the following:"

   c) "publicly available telephone service" means a service available to the public for originating and/or receiving, directly or indirectly ▌, national and/or international calls and other means of communication specifically intended for disabled users using text relay or total conversation services through a number or numbers in a national or international telephone numbering plan;
   d) "geographic number" means a number from the national telephone numbering plan where part of its digit structure contains geographic significance used for routing calls to the physical location of the network termination point (NTP);
"

c)   point (e) shall be deleted;

(3)  Article 4 shall be replaced by the following:"

Article 4

Provision of access at a fixed location and provision of telephone services

1.  Member States shall ensure that all reasonable requests for connection at a fixed location to a public communications network are met by at least one undertaking.

2.  The connection provided shall be capable of supporting voice, facsimile and data communications, at data rates that are sufficient to permit functional Internet access, taking into account prevailing technologies used by the majority of subscribers and technological feasibility.

3.  Member States shall ensure that all reasonable requests for provision of a publicly available telephone service over the network connection referred to in paragraph 1, allowing originating and receiving of national and international calls and calls to emergency services via the number "112" as well as via any other national emergency number, are met by at least one undertaking.

"

(4)  Article 5(2) shall be replaced by the following:"

2.  The directories in paragraph 1 shall comprise, subject to the provisions of Article 12 of Directive 2002/58/EC, all subscribers of publicly available telephone services.

"

(5)  Article 6 shall be amended as follows:

a)   the title shall be replaced by the following:"

Public pay telephones and other telecommunication access points

"

b)   paragraph 1 shall be replaced by the following:"

1.  Member States shall ensure that national regulatory authorities can impose obligations on undertakings in order to ensure that public pay telephones or other telecommunication access points are provided to meet the reasonable needs of end-users in terms of the geographical coverage, the number of telephones or other telecommunications access points, accessibility to disabled users and the quality of services.

"

(6)  Article 7 shall be replaced by the following:"

Article 7

▌ Measures for disabled users

1.  Member States shall take specific measures for disabled end-users in order to ensure access to and affordability of electronic communications services, including access to emergency services, directory enquiry services and directories, equivalent to that enjoyed by other end-users.

2.  Member States may take specific measures, shown through an assessment by the national regulatory authorities to be needed in the light of national conditions and specific disability requirements, to ensure that disabled end-users can ▌ take advantage of the choice of undertakings and service providers available to the majority of end-users, and to promote the availability of appropriate terminal equipment. They shall ensure that in any event the needs of specific groups of disabled users are met by at least one undertaking.

3.  In taking the measures referred to above, Member States shall encourage compliance with the relevant standards or specifications published in accordance with Articles 17, 18 and 19 of Directive 2002/21/EC (Framework Directive).

4.  In order to be able to adopt and implement specific arrangements for disabled users, Member States shall encourage the production and availability of terminal equipment offering the necessary services and functions.

"

7)   in Article 8, the following paragraph shall be added:"

3.  When an operator designated in accordance with paragraph 1 intends to dispose of a substantial part or all of its local access network assets to a separate legal entity under different ownership, it shall inform in advance the national regulatory authority in a timely manner, in order to allow the national regulatory authority to assess the effect of the intended transaction on the provision of access at a fixed location and of telephone services pursuant to Article 4. The national regulatory authority may impose conditions in accordance with Article 6(2) of Directive 2002/20/EC (Authorisation Directive).

"

(8)  Article 9(1), (2) and (3) shall be replaced by the following:"

1.  National regulatory authorities shall monitor the evolution and level of retail tariffs of the services identified in Articles 4, 5, 6 and 7 as falling under the universal service obligations and provided by designated undertakings, or if no undertakings are designated in relation to those services, otherwise available in the market, in particular in relation to national consumer prices and income.

2.  Member States may, in the light of national conditions, require that designated undertakings provide tariff options or packages to consumers which depart from those provided under normal commercial conditions, in particular to ensure that those on low incomes or with special social needs are not prevented from accessing or using the network access referred to in Article 4(1), or the services identified in Articles 4(3), 5, 6 and 7 as falling under the universal service obligations and provided by designated undertakings.

3.  Member States shall, besides any provision for designated undertakings to provide special tariff options or to comply with price caps or geographical averaging or other similar schemes, ensure that support is provided to consumers identified as having low incomes, disability or special social needs.

"

(9)  Article 10(2) shall be replaced by the following:"

2.  Member States shall ensure that undertakings offering telecommunication services as defined in Article 2 of Directive 2002/21/EC (Framework Directive) provide the specific facilities and services set out in Annex I, Part A of this Directive, in order that subscribers can monitor and control expenditure and avoid unwarranted disconnection of service.

"

(10)  Article 11(1) shall be replaced by the following:"

1.  National regulatory authorities shall ensure that all designated undertakings with obligations under Articles 4, 5, 6, 7 and 9(2) publish adequate and up-to-date information concerning their performance in the provision of universal service, based on the quality of service parameters, definitions and measurement methods set out in Annex III. The published information shall be supplied to the national regulatory authority on request.

"

11)   the title of Chapter III shall be replaced by the following:"

REGULATORY CONTROLS ON UNDERTAKINGS WITH SIGNIFICANT MARKET POWER IN SPECIFIC RETAIL MARKETS

"

(12)  Article 16 shall be deleted;

(13)  Article 17 shall be amended as follows:

a)   paragraph 1 shall be replaced by the following:"

1.  Member States shall ensure that national regulatory authorities impose appropriate regulatory obligations on undertakings identified as having significant market power on a given retail market in accordance with Article 14 of Directive 2002/21/EC (Framework Directive):

   a) where as a result of a market analysis carried out in accordance with Article 16 of Directive 2002/21/EC (Framework Directive) a national regulatory authority determines that a given retail market identified in accordance with Article 15 of Directive 2002/21/EC (Framework Directive) is not effectively competitive, and
   b) where the national regulatory authority concludes that obligations imposed under Directive 2002/19/EC (Access Directive), would not result in the achievement of the objectives set out in Article 8 of Directive 2002/21/EC (Framework Directive).

"

b)   the following paragraph shall be inserted:"

2a.  Without prejudice to obligations that may be imposed on operators identified as having significant market power on a given retail market pursuant to paragraph 1, national regulatory authorities may apply the obligations referred to in paragraph 2 for a transitional period to operators identified as having significant market power on a given wholesale market in circumstances where wholesale obligations have been imposed but are not yet effective in ensuring competition in the retail market.

"

c)   paragraph 3 shall be deleted;

(14)  Articles 18 and 19 shall be deleted;

(15)  Articles 20 and 21 shall be replaced by the following:"

Article 20

Contracts

1.  Member States shall ensure that, where subscribing to services providing connection to a public communications network and/or electronic communications services, consumers and other end-users so requesting have a right to a contract with an undertaking or undertakings providing such services and/or connection. The contract shall specify in a clear, comprehensive and easily accessible form at least:

   a) the identity and address of the supplier;
  b) the services provided, including in particular:
   where access to emergency services and caller location information is to be provided under Article 26, the level of reliability of such access, where relevant, and whether access is provided in the whole of the national territory,
   information on any restrictions imposed by the provider regarding a subscriber's ability to access, use or distribute lawful content or run lawful applications and services,
   the service quality levels, with reference to any parameters specified under Article 22(2) as appropriate,
   types of maintenance and customer support services offered, as well as how to contact customer support,
   the time for the initial connection, and
   any restrictions on the use of terminal equipment imposed by the provider;
   c) the subscriber's decision as to whether or not to include his or her personal data in a directory, and the data concerned;
   d) particulars of prices and tariffs and the means by which up-to-date information on all applicable tariffs and maintenance charges may be obtained, payment methods offered and any differences in costs due to payment method;
  e) the duration of the contract and the conditions for renewal and termination of services and of the contract, including:
   any charges related to portability of numbers and other identifiers; and
   any charges due on termination of the contract, including any cost recovery with respect to terminal equipment;
   f) any compensation and the refund arrangements which apply if contracted service quality levels are not met;
   g) the method of initiating procedures for settlement of disputes in accordance with Article 34;
   h) the type of action that might be taken by the undertaking providing connection and/or services in reaction to security or integrity incidents or threats and vulnerabilities, as well as any compensation arrangements which apply if security or integrity incidents occur.

The contract shall also include any information provided by the relevant public authorities on the use of electronic communications networks and services to engage in unlawful activities or to disseminate harmful content, and on the means of protection against risks to personal security, privacy and personal data referred to in Article 21(4) and relevant to the service provided.

2.  Subscribers shall have a right to withdraw from their contracts without penalty upon notice of modifications in the contractual conditions proposed by operators. Subscribers shall be given adequate notice, not shorter than one month, ahead of any such modifications and shall be informed at the same time of their right to withdraw, without penalty, from such contracts, if they do not accept the new conditions.

Article 21

Transparency and publication of information

1.  Member States shall ensure that undertakings providing connection to a public electronic communications network and/or electronic communications services publish transparent, comparable, adequate and up-to-date information on applicable prices and tariffs, any charges due on termination of a contract and information on standard terms and conditions, in respect of access and use of their services provided to end-users and consumers in accordance with Annex II. Such information shall be published in a clear, comprehensive and easily accessible form. National regulatory authorities may specify additional requirements regarding the form in which such information is to be published.

2.  National regulatory authorities shall encourage the provision of comparable information to enable end-users and consumers to make an independent evaluation of the cost of alternative usage patterns, by means of interactive guides or similar techniques. Member States shall ensure that national regulatory authorities make such guides or techniques available themselves or through third parties, free of charge or at a reasonable price. Third parties shall have a right to use free of charge the information published by undertakings providing electronic communications networks and/or services, for the purposes of selling or making available such interactive guides or similar techniques.

3.  Member States shall ensure that national regulatory authorities are able to oblige undertakings providing connection to a public electronic communications network and/or electronic communications services to inter alia:

   a) provide applicable tariff information to subscribers regarding any number or service subject to particular pricing conditions; with respect to individual categories of services national regulatory authorities may require such information to be provided prior to connecting the call;
   b) regularly remind subscribers of any lack of reliable access to emergency services or caller location information in the service they have subscribed to;
   c) inform subscribers of any change to any restrictions imposed by the undertaking on their ability to access, use or distribute lawful content or run lawful applications and services of their choice;
   d) inform subscribers of their right to include their personal data in a directory, and of the types of data concerned; and
   e) regularly inform disabled subscribers of details of current products and services aimed at them.

If deemed appropriate, national regulatory authorities may promote self-or co-regulatory measures prior to imposing any obligation.

4.  Member States shall ensure that national regulatory authorities oblige the undertakings referred to in paragraph 3 to distribute public interest information to existing and new subscribers where appropriate. Such information shall be produced by the relevant public authorities in a standardised format and shall inter alia cover the following topics:

   a) the most common uses of electronic communications services to engage in unlawful activities or to disseminate harmful content, particularly where it may prejudice respect for the rights and freedoms of others, including infringements of copyright and related right, and their consequences; and
   b) means of protection against risks to personal security, privacy and personal data in using electronic communications services.

Significant additional costs incurred by an undertaking in complying with these obligations shall be reimbursed by the relevant public authorities.

"

(16)  Article 22 shall be amended as follows:

a)   paragraphs 1 and 2 shall be replaced by the following:"

1.  Member States shall ensure that national regulatory authorities are able, after taking account of the views of interested parties, ║to require undertakings that provide publicly available electronic communications networks and/or services to publish comparable, adequate and up-to-date information for end-users on the quality of their services and on measures taken to ensure equivalent access for disabled end-users. The information shall, on request, also be supplied to the national regulatory authority in advance of its publication.

2.  National regulatory authorities may specify, inter alia, the quality of service parameters to be measured, and the content, form and manner of information to be published, including possible quality certification mechanisms, in order to ensure that end-users, including disabled end-users, have access to comprehensive, comparable, reliable and user-friendly information. Where appropriate, the parameters, definitions and measurement methods given in Annex III could be used.

"

b)   the following paragraph shall be added:"

3.  A national regulatory authority may issue guidelines setting minimum quality of service requirements, and, if appropriate, take other measures, in order to prevent degradation of service and slowing of traffic over networks, and to ensure that the ability of users to access or distribute content or to run applications and services of their choice is not unreasonably restricted. Those guidelines or measures shall take due account of any standards issued under Article 17 of Directive 2002/21/EC (Framework Directive).

The Commission may, having examined such guidelines or measures and consulted the Body of European Regulators in Telecom (BERT), adopt technical implementing measures in that regard if it considers that the guidelines or measures may create a barrier to the internal market. Those measures designed to amend non-essential elements of this Directive by supplementing it shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). ▌

"

(17)  Article 23 shall be replaced by the following:"

Article 23

Availability of services

Member States shall take all necessary measures to ensure the fullest possible availability of publicly available telephone services ▌ in the event of catastrophic network breakdown or in cases of force majeure. Member States shall ensure that undertakings providing publicly available telephone services take all necessary measures to ensure uninterrupted access to emergency services from any place within the territory of the EU.

"

(18)  Article 25 shall be amended as follows:

a)   the title shall be replaced by the following:"

▌ Directory enquiry services

"

b)   paragraph 1 shall be replaced by the following:"

1.   Member States shall ensure that all end-users of electronic communications networks and services have the right to have their information made available to providers of directory enquiry services and directories in accordance with the provisions of paragraph 2.

"

c)   paragraphs 3, 4 and 5 shall be replaced by the following:"

3.  Member States shall ensure that all end-users of an electronic communications service can access directory enquiry services and that operators controlling access to such services provide it on terms which are fair, cost-oriented, objective, non-discriminatory and transparent.

4.   Member States shall not maintain any regulatory restrictions which prevent end-users in one Member State from accessing directly the directory enquiry service in another Member State by voice call or SMS, and shall take measures to ensure such access pursuant to Article 28.

5.  Paragraphs 1, 2, 3 and 4 shall apply subject to the requirements of Community legislation on the protection of personal data and privacy and, in particular, Article 12 of Directive 2002/58/EC.

"

(19)  Articles 26 and 27 shall be replaced by the following:"

Article 26

Emergency services and the single European emergency call number

1.  Member States shall ensure that, in addition to any other national emergency call numbers specified by the national regulatory authorities, all end-users of services referred to in paragraph 2, including users of public pay telephones, are able to call the emergency services free of charge and without having to use any means of payment, by using the single European emergency call number "112

2.  Member States, in cooperation with national regulatory authorities, emergency services and providers, shall ensure that undertakings providing an electronic communications service for originating national and/or international calls through a number or numbers in a national or international telephone numbering plan provide reliable access to emergency services.

3.  Member States shall ensure that the emergency services are able to appropriately respond to and handle all calls to the single European emergency call number "112" ▌ in a manner best suited to the national organisation of emergency systems. Such calls shall be answered and handled at least as expeditiously and effectively as calls to national emergency number or numbers, where these continue in use.

4.  Member States shall ensure that disabled end-users have access to emergency services equivalent to that enjoyed by other end-users. The measures taken to ensure that disabled end-users are able to access emergency services while travelling in other Member States shall include ensuring compliance with relevant standards or specifications published in accordance with the provisions of Article 17 of Directive 2002/21/EC (Framework Directive).

5.  Member States shall ensure that caller location information is made available free of charge and as soon as the emergency call reaches the authority handling the emergency. This shall also apply to all calls to the single European emergency call number "112".

"

6.  Member States shall ensure that, in addition to information about their national numbers, all citizens of the Union are adequately informed of the existence and use of the single European emergency call number "112", in particular through initiatives specifically targeting persons travelling between Member States. ▌

7.  In order to ensure the effective implementation of "112" services in the Member States, ▌the Commission, having consulted BERT, may adopt technical implementing measures.

Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). ▌

Article 27

European telephone access codes

1.  Member States shall ensure that the "00" code is the standard international access code. Special arrangements for making calls between adjacent locations across borders between Member States may be established or continued. The end-users in the locations concerned shall be fully informed of such arrangements.

2.  Those Member States to which the ITU assigned the international code "3883" shall entrust an organisation established by Community law and designated by the Commission on the basis of an open, transparent and non-discriminatory selection procedure, or BERT, with sole responsibility for management, including number assignment, and promotion of the European Telephony Numbering Space (ETNS).

3.  Member States shall ensure that all undertakings that provide publicly available telephone services handle all calls to and from the ETNS, at rates that do not exceed the maximum rate they apply for calls to and from other Member States.";

20)   the following Article shall be inserted:"

Article 27a

Harmonised numbers for harmonised services of social value, including the missing children hotline number

"

1.  Member States shall promote the specific numbers in the numbering range beginning with '116' identified by Commission Decision 2007/116/EC of 15 February 2007 on reserving the national numbering range beginning with '116' for harmonised numbers for harmonised services of social value*. They shall encourage the provision within their territory of the services for which such numbers are reserved.

2.  Member States shall ensure that disabled end-users are able to access services provided under the '116' numbering range. In order to ensure that disabled end-users are able to access such services while travelling in other Member States, measures taken shall include ensuring compliance with relevant standards or specifications published in accordance with the provisions of Article 17 of Directive 2002/21/EC (Framework Directive).

3.  Member States shall ensure that citizens are adequately informed about the existence and use of services provided under the '116' numbering range, in particular through initiatives specifically targeting persons travelling between Member States.

4.  Member States shall, in addition to measures of general applicability to all numbers in the '116' numbering range taken pursuant to paragraphs 1, 2 and 3, ensure citizens' access to a service operating a hotline to report cases of missing children. The hotline shall be available on the number 116000.

5.  In order to ensure the effective implementation of the '116' numbering range, in particular the missing children hotline number 116000, in the Member States, including access for disabled end-users when travelling in other Member States, the Commission, having consulted BERT, may adopt technical implementing measures.

Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2).

___________

* OJ L 49, 17.2.2007, p. 30.

(21)  Article 28 shall be replaced by the following:"

Article 28

Access to numbers and services

1.  Member States shall ensure that, where technically and economically feasible, and except where a called subscriber has chosen for commercial reasons to limit access by calling parties located in specific geographical areas, national regulatory authorities take all necessary steps to ensure that:

   a) end-users are able to access all numbers provided in the Community regardless of the technology and devices used by the operator, including those in the national numbering plans of Member States, those from the ETNS and Universal International Freephone Numbers; and
   b) connection services are provided for text telephones, video telephones and products which help to enable elderly people or people with disabilities to communicate, at least as regards emergency calls.

National regulatory authorities shall be able to block on a case-by-case basis access to numbers or services where this is justified by reasons of fraud or misuse, and to ensure that in such cases, including where an investigation is pending, providers of electronic communications services withhold relevant interconnection or other service revenues.

2.  In order to ensure that end users have effective access to numbers and services in the Community, the Commission may ▌ adopt technical implementing measures. Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). ▌

Any such technical implementing measure may be periodically reviewed to take account of market and technological developments.

3.  Member States shall ensure that national regulatory authorities are able to require undertakings providing public communications networks to provide information regarding the management of their networks in connection with any limitations or restrictions on end-user access to or use of services, content or applications. Member States shall ensure that national regulatory authorities have all the powers necessary to investigate cases in which undertakings have imposed limitations on end-user access to services, content or applications.

"

(22)  Article 29 shall be amended as follows:

a)   paragraph 1 shall be replaced by the following:"

1.  Member States shall ensure that national regulatory authorities are able to require all undertakings that operate publicly available telephone services and/or public communications networks to make available to end-users additional facilities listed in Annex I, Part B, subject to technical feasibility and economic viability.

"

b)   paragraph 3 shall be replaced by the following:"

3.  Without prejudice to Article 10(2), Member States may impose the obligations in Annex I, Part A, point (e), concerning disconnection as a general requirement on all undertakings providing access to public communications networks and/or publicly available telephone services.

"

(23)  Article 30 shall be replaced by the following:"

Article 30

Facilitating change of supplier

1.  Member States shall ensure that all subscribers with numbers from the national telephone numbering plan who so request can retain their number or numbers independently of the undertaking providing the service in accordance with the provisions of Annex I, part C.

2.  National regulatory authorities shall ensure that pricing between operators related to the provision of number portability is cost oriented and that direct charges to subscribers, if any, do not act as a disincentive for the use of these facilities.

3.  National regulatory authorities shall not impose retail tariffs for the porting of numbers in a manner that would distort competition, such as by setting specific or common retail tariffs.

4.  Porting of numbers and their subsequent activation shall be executed within the shortest possible delay, no later than one working day from the initial request by the subscriber. National regulatory authorities may extend the one day period and prescribe appropriate measures where necessary to ensure that subscribers are not switched against their will. National regulatory authorities may impose appropriate sanctions on providers, including an obligation to compensate customers, in case of delay in porting or abuse of porting by them or on their behalf.

5.  Member States shall ensure that the duration of contracts concluded between users and undertakings providing electronic communications services does not exceed 24 months. They shall also ensure that undertakings offer users the possibility to subscribe to a contract with a maximum duration of 12 months for all types of service and terminal equipment.

6.  Member States shall ensure that ▌ procedures for termination of contracts do not act as a disincentive against changing suppliers of services.

"

(24)  Article 31(1) shall be replaced by the following:"

1.  Member States may impose reasonable "must carry" obligations for the transmission of specified radio and audiovisual media services and complementary services, particularly accessibility services, on undertakings under their jurisdiction providing electronic communications networks used for the distribution of radio or audiovisual media services to the public where a significant number of end-users of such networks use them as their principal means of receiving radio and audiovisual media services. Such obligations shall only be imposed where they are necessary to meet general interest objectives clearly and specifically defined by each Member State ▌and shall be proportionate and transparent.

The obligations referred to in the first subparagraph shall be reviewed by the Member States at the latest within one year of [time-limit for implementation of the amending act], except where Member States have carried out such a review within the previous 2 years.

Member States shall review "must carry" obligations on a regular basis.

"

25)   the following Article shall be inserted:"

Article 31a

Ensuring equivalent access and choice for disabled users

Member States shall ensure that national regulatory authorities are able to impose appropriate requirements on undertakings providing publicly available electronic communications services so as to ensure that disabled end-users:

   a) have access to electronic communication services equivalent to that enjoyed by the majority of end-users; and
   b) can take advantage of the choice of undertakings and services available to the majority of end-users.

"

26)   the following Article shall be inserted:"

Article 32a

Access to content, services and applications

Member States shall ensure that any restrictions on the rights of users to access content, services and applications, if such restrictions are necessary, are implemented by appropriate measures, in accordance with the principles of proportionality, effectiveness and dissuasiveness. Those measures shall not have the effect of hindering the development of the information society, in compliance with Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce)*, and shall not conflict with the fundamental rights of citizens, including the right to privacy and the right to due process.

__________

* OJ L 178, 17.7.2000, p. 1.";

"

(27)  Article 33 shall be amended as follows:

a)   ║ paragraph 1 shall be amended as follows:

   i) the first subparagraph shall be replaced by the following:
  

"1. Member States shall ensure as far as appropriate that national regulatory authorities take account of the views of end-users, consumers, manufacturers and undertakings that provide electronic communications networks and/or services on issues related to all end-user and consumer rights concerning publicly available electronic communications services, in particular where they have a significant impact on the market.

   ii) the following ║ sub-paragraph shall be added:"
In particular, Member States shall ensure that national regulatory authorities establish ▌consultation mechanisms ensuring that due consideration is given to, and account taken of, issues relating to end-users, including, in particular, disabled end-users, in their decision-making process."

b)   the following paragraph shall be inserted:"

2a.  Without prejudice to national rules in conformity with Community law promoting cultural and media policy objectives, such as cultural and linguistic diversity and media pluralism, national regulatory authorities and other relevant authorities shall as far as appropriate promote cooperation between undertakings providing electronic communications networks and/or services and the sectors interested in the promotion of lawful content in electronic communication networks and services. That co-operation may also include coordination of the public interest information to be made available under Article 21(4) and Article 20(1).";

"

c)   the following paragraph shall be added:"

" ▌

3.  Without prejudice to the application of Directive 1999/5/EC and in particular of disability requirements pursuant to its Article 3(3)(f), and in order to improve accessibility to electronic communications services and equipment by disabled end-users, the Commission may ▌take the appropriate technical implementing measures, following a public consultation and after having consulted BERT. Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 37(2). ▌

"

(28)  Article 34(1) shall be replaced by the following:"

1.  Member States shall ensure that independent bodies provide transparent, simple and inexpensive out-of-court procedures ▌for dealing with ▌disputes between consumers and undertakings providing electronic communications networks and/or services relating to the contractual conditions and/or performance of contracts concerning the supply of such networks or services. Such procedures shall enable disputes to be settled fairly and promptly and shall take account of the requirements of Commission Recommendation 98/257/EC of 30 March 1998 on the principles applicable to the bodies responsible for out-of-court settlement of consumer disputes*. Member States may, where warranted, adopt a system of reimbursement and/or compensation. Member States may extend these obligations to cover disputes involving other end-users.

Member States shall ensure that the bodies in charge of dealing with such disputes, which can be single points of contact, provide relevant information for statistical purposes to the Commission and the authorities.

"

With specific regard to the interaction of audiovisual and electronic communications, Member States shall encourage reliable out-of-court procedures.

_________

* OJ L 115, 17.4.1998, p. 31.

(29)  Article 35 shall be replaced by the following:"

Article 35

Adaptation of annexes

Measures designed to amend non-essential elements of this Directive and necessary to adapt Annexes I, II, III, and VI to technological developments or to changes in market demand shall be adopted by the Commission in accordance with the regulatory procedure with scrutiny referred to in Article 37(2).

"

(30)  Article 36(2) shall be replaced by the following:"

2.  National regulatory authorities shall notify to the Commission the obligations imposed upon undertakings designated as having universal service obligations. Any changes affecting the obligations imposed upon undertakings or of the undertakings affected under the provisions of this Directive shall be notified to the Commission without delay.

"

(31)  Article 37 shall be replaced by the following:"

Article 37

Committee procedure

1.  The Commission shall be assisted by the Communications Committee, set up by Article 22 of Directive 2002/21/EC (Framework Directive).

2.  Where reference is made to this paragraph, Article 5a(1) to (4) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.

"

(32)  Annexes I, II and III shall be replaced by Annexes I, II and III to this Directive;

33)   in Annex VI, point 1 shall be replaced by the following:"

1.  Common scrambling algorithm and free-to-air reception

All consumer equipment intended for the reception of conventional digital television signals (i.e. broadcasting via terrestrial, cable or satellite transmission which is primarily intended for fixed reception, such as DVB-T, DVB-C or DVB-S), for sale or rent or otherwise made available in the Community, capable of descrambling digital television signals, is to possess the capability to:

   allow the descrambling of such signals according to a common European scrambling algorithm as administered by a recognised European standards organisation, currently ETSI;
   display signals that have been transmitted in the clear provided that, in the event that such equipment is rented, the rentee is in compliance with the relevant rental agreement.

"

(34)  Annex VII shall be deleted.

Article 2

Amendments to Directive 2002/58/EC

(Directive on privacy and electronic communications)

Directive 2002/58/EC (Directive on privacy and electronic communications) is hereby amended as follows:

(1)  Article 1(1) and (2) shall be replaced by the following:"

1.  This Directive provides for the harmonisation of the provisions of the Member States required to ensure an equivalent level of protection of fundamental rights and freedoms, and in particular the right to privacy and the right to confidentiality and security of information technology systems, with respect to the processing of personal data in the electronic communication sector and to ensure the free movement of such data and of electronic communications equipment and services in the Community.

2.  The provisions of this Directive particularise and complement Directive 95/46/EC for the purposes mentioned in paragraph 1. Moreover, they provide for protection of the legitimate interests of subscribers who are natural or legal persons.

"

(2)  Article 2(e) shall be replaced by the following:"

   e) "call" means a connection established by means of a publicly available telephone service allowing two-way communication;
"

(3)  Article 3 shall be replaced by the following:"

Article 3

Services concerned

This Directive shall apply to the processing of personal data in connection with the provision of publicly available electronic communications services in public and private communications networks and publicly accessible private networks in the Community, including public and private communications networks and publicly accessible private networks supporting data collection and identification devices.

"

(4)  Article 4 shall be amended as follows:

a)   the title shall be replaced by the following:"

Security of processing

"

b)   the following paragraphs shall be inserted:"

1a.  Without prejudice to the provisions of Directive 95/46/EC and Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks*, these measures shall include:

   appropriate technical and organisational measures to ensure that personal data can be accessed only by authorised personnel for legally authorised purposes and to protect personal data stored or transmitted against accidental or unlawful destruction, accidental loss or alteration and unauthorised or unlawful storage, processing, access or disclosure;
   appropriate technical and organisational measures to protect the network and services against accidental, unlawful or unauthorised usage or interference with or hindering of their functioning or availability;
   a security policy with respect to the processing of personal data;
   a process for identifying and assessing reasonably foreseeable vulnerabilities in the systems maintained by the provider of electronic communications services, which shall include regular monitoring for security breaches; and
   a process for taking preventive, corrective and mitigating action against any vulnerabilities discovered in the process described under the fourth indent and a process for taking preventive, corrective and mitigating action against security incidents that can lead to a security breach.

1b.  National regulatory authorities shall be able to audit the measures taken by providers of publicly available electronic communication services and information society services and to issue recommendations about best practices and performance indicators concerning the level of security which these measures should achieve.

__________

* OJ L 105, 13.4.2006, p. 54.

"

c)   the following paragraphs ▌shall be added:"

3.  In case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community, the provider of publicly available electronic communications services, as well as any undertaking operating on the Internet and providing services to consumers, which is the data controller and the provider of information society services shall, without undue delay, notify ▌the national regulatory authority or the competent authority according to the individual law of the Member State of such a breach. The notification to the competent authority shall at least describe the nature of the breach and recommend measures to mitigate its possible negative effects. The notification to the competent authority shall, in addition, describe the consequences of and the measures taken by the provider to address the breach.

The provider of publicly available electronic communications services, as well as any undertaking operating on the Internet and providing services to consumers, which is the data controller and the provider of information society services, shall notify their users beforehand to avoid imminent and direct danger to the rights and interests of consumers.

Notification of a security breach to a subscriber or individual shall not be required if the provider has demonstrated to the competent authority that it implemented appropriate technological protection measures and that those measures were applied to the data concerned by the security breach. Such technological protection measures shall render the data unintelligible to any person who is not authorized to access the data.

4.  The competent authority shall consider and determine the seriousness of the breach. If the breach is deemed to be serious, the competent authority shall require the provider of publicly available electronic communications services and the provider of information society services to give an appropriate notification without undue delay to the persons affected by the breach. The notification shall contain the elements described in paragraph 3.

The notification of a serious breach may be postponed in cases where the notification may hinder the progress of a criminal investigation related to the serious breach.

Providers shall annually notify affected users of all breaches of security that have led to the accidental or unlawful destruction, loss or alteration or the unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of publicly available communications services in the Community.

National regulatory authorities shall also monitor whether companies have complied with their notification obligations under this Article and impose appropriate sanctions, including publication, as appropriate, in the event of a failure to do so.

5.  The seriousness of a breach requiring notification to subscribers shall be determined according to the circumstances of the breach, such as the risk to the personal data affected by the breach, the type of data affected by the breach, the number of subscribers involved, and the immediate or potential impact of the breach on the provision of services.

6.  In order to ensure consistency in implementation of the measures referred to in paragraphs 1 to 5, the Commission shall, following consultation with ▌the European Data Protection Supervisor, relevant stakeholders and the European Network and Information Security Agency (ENISA), recommend technical implementing measures concerning inter alia the measures set out in paragraph 1a and the circumstances, format and procedures applicable to information and notification requirements referred to in paragraphs 4 and 5.

The Commission shall involve all relevant stakeholders, particularly in order to be informed of the best available technical and economic methods for improving the implementation of this Directive. Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14a(2). On imperative grounds of urgency, the Commission may have recourse to the urgency procedure referred to in Article 14a(3).

"

(5)  Article 5(3) shall be replaced by the following:"

3.  Member States shall ensure that the storing of information, or gaining access to information already stored, in the terminal equipment of a subscriber or user, either directly or indirectly by means of any kind of storage medium, is prohibited unless the subscriber or user concerned has given his/her prior consent, taking into account that browser settings constitute prior consent, and is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out ▌ the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user.

"

(6)  Article 6 shall be amended as follows:

a)   paragraph 3 shall be replaced by the following:"

3.  For the purpose of marketing electronic communications services or for the provision of value added services, the provider of a publicly available electronic communications service may process the data referred to in paragraph 1 to the extent and for the duration necessary for such services or marketing, if the subscriber or user to whom the data relate has given his/her prior consent. Users or subscribers shall be given the possibility to withdraw their consent for the processing of traffic data at any time.

"

b)   the following paragraph shall be added:"

7.  Without prejudice to compliance with provisions other than Article 7 of Directive 95/46/EC and Article 5 of this Directive, traffic data may be processed in the legitimate interest of the data controller for the purpose of implementing technical measures to ensure the network and information security, as defined by Article 4(c) of Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency*, of a public electronic communication service, a public or private electronic communications network, an information society service or related terminal and electronic communication equipment, except where such interest is overridden by those of the fundamental rights and freedoms of the data subject. Such processing shall be restricted to that which is strictly necessary for the purposes of such security activity.

__________

* OJ L 77, 13.3.2004, p. 1.

"

   7) ║Article 13 shall be amended as follows:

a)   paragraph 1 shall be replaced by the following:"

1.  The use of automated calling and communication systems without human intervention (automatic calling machines), facsimile machines (fax) or electronic mail (including short message services (SMS) and multimedia messaging services (MMS)) for the purposes of direct marketing may be allowed only in respect of subscribers who have given their prior consent.

"

b)   paragraph 4 shall be replaced by the following:"

4.  In any event, the practice of sending electronic mail for purposes of direct marketing disguising or concealing the identity of the sender on whose behalf the communication is made, or in contravention of Article 6 of Directive 2000/31/EC, or that contain links to sites that have a malicious or fraudulent intent, or without a valid address to which the recipient may send a request that such communications cease, shall be prohibited.

"

c)   the following paragraph shall be added:"

6.  Without prejudice to any administrative remedy for which provision may be made, inter alia under Article 15a(2), Member States shall ensure that any individual or legal person having a legitimate interest in combating infringements of national provisions adopted pursuant to this Directive, including an electronic communications service provider protecting its legitimate business interests or the interests of its customers, may take legal action against such infringements before the courts.

"

(8)  Article 14(3) shall be replaced by the following:"

3.  Where required, measures may be adopted to ensure that terminal equipment is constructed in a way that is compatible with the right of users to protect and control the use of their personal data, in accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of 22 December 1986 on standardisation in the field of information technology and communications*. Such measures shall respect the principle of technology neutrality.

_____________________

* OJ L 36, 7.2.1987, p. 31.

"

9)   the following Article shall be inserted:"

Article 14a

Committee procedure

1.  The Commission shall be assisted by the Communications Committee set up by Article 22 of Directive 2002/21/EC (Framework Directive).

2.  Where reference is made to this paragraph, Article 5a(1) to (4) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provision of Article 8 thereof.

3.  Where reference is made to this paragraph, Article 5a(1), (2), (4) and (6) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.

"

10)   in Article 15, the following paragraph shall be inserted:"

Providers of publicly available communications services and providers of information society services shall notify the independent data protection authorities, without undue delay, of all requests for access to users" personal data received pursuant to paragraph 1, including the legal justification given and the legal procedure followed for each request; the independent data protection authority concerned shall notify the appropriate judicial authorities of those cases in which it deems that the relevant provisions of national law have not been complied with.

"

11)   the following Article shall be inserted:"

Article 15a

Implementation and enforcement

1.  Member States shall lay down the rules on penalties, including penal sanctions where appropriate, applicable to infringements of the national provisions adopted pursuant to this Directive and shall take all measures necessary to ensure that they are implemented. The penalties provided for must be effective, proportionate and dissuasive. The Member States shall notify those provisions to the Commission by the [time-limit for implementation of the amending act] at the latest and shall notify it without delay of any subsequent amendment affecting them.

2.  Without prejudice to any judicial remedy which might be available, Member States shall ensure that the national regulatory authority has the power to order the cessation of the infringements referred to in paragraph 1.

3.  Member States shall ensure that national regulatory authorities have all the investigative powers and resources necessary, including the possibility to obtain any relevant information they might need to monitor and enforce national provisions adopted pursuant to this Directive.

4.  In order to ensure effective cross-border co-operation in the enforcement of the national laws adopted pursuant to this Directive and to create harmonised conditions for the provision of services involving cross-border data flows, the Commission may adopt technical implementing measures, following consultation with ENISA, the Article 29 Working Party and the relevant regulatory authorities.

Those measures, designed to amend non-essential elements of this Directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 14a(2). On imperative grounds of urgency, the Commission may have recourse to the urgency procedure referred to in Article 14a(3).

"

(12)  Article 18 shall be replaced by the following:"

Article 18

Review

By ...(21), the Commission shall submit to the European Parliament and the Council, having consulted the Article 29 Working Party and the European Data Protection Supervisor, a report on the application of this Directive and its impact on economic operators and consumers, in particular as regards the provisions on unsolicited communications, breach notifications and the use of personal data by public or private third parties for purposes not covered by this Directive, taking into account the international environment. For this purpose, the Commission may request information from the Member States, which shall be supplied without undue delay. Where appropriate, the Commission shall submit proposals to amend this Directive, taking account of the results of that report, any changes in the sector, the Treaty of Lisbon amending the Treaty on European Union and the Treaty establishing the European Community*, in particular the new competences in matters of data protection as laid down in Article 16 of the Treaty on the Functioning of the European Union, and any other proposal it may deem necessary in order to improve the effectiveness of this Directive.

No later than ...+, the Commission shall, following consultation of the European Data Protection Supervisor, the Article 29 Working Party and other stakeholders, including industry representatives, submit to the European Parliament, the Council and the European Economic and Social Committee a report, based on an in-depth study, with recommendations on standard uses of IP addresses and the application of the ePrivacy and Data Protection Directives as regards the collection and further processing of IP addresses.

___________

* OJ C 306, 17.12.2007, p. 1.

"

Article 3

Amendment to Regulation (EC) No 2006/2004

In the Annex to Regulation (EC) No 2006/2004 ║, the following point shall be added:"

17.  As regards the protection of consumers, Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communication sector: Article 13 (OJ L 201, 31.7.2002, p. 37).

"

Article 4

Transposition

1.  Member States shall adopt and publish by […] ║ the laws, regulations and administrative provisions necessary to comply with this Directive. They shall forthwith communicate to the European Parliament and the Commission the text of those provisions and a correlation table between those provisions and this Directive.

They shall apply those provisions from […].

When Member States adopt those provisions, they shall contain a reference to this Directive or be accompanied by such a reference on the occasion of their official publication. Member States shall determine how such reference is to be made.

2.  Member States shall communicate to the Commission the text of the main provisions of national law which they adopt in the field covered by this Directive.

Article 5

Entry into force

This Directive shall enter into force on the […] day following that of its publication in the Official Journal of the European Union.

Article 6

Addressees

This Directive is addressed to the Member States.

Done at ║

For the European Parliament For the Council

The President The President

(1) OJ C 224, 30.8.2008, p. 50.
(2) OJ C 257, 9.10.2008, p. 51.
(3) OJ C 181, 18.7.2008, p. 1.
(4) Position of the European Parliament of 24 September 2008.
(5) OJ L 108, 24.4.2002, p. 7.
(6) OJ L 108, 24.4.2002, p. 21.
(7) OJ L 108, 24.4.2002, p. 33.
(8) OJ L 108, 24.4.2002, p. 51.
(9) OJ L 201, 31.7.2002, p. 37.
(10) OJ L 91, 7.4.1999, p. 10.
(11) OJ L 178, 17.7.2000, p. 1.
(12) OJ L 249, 17.9.2002, p. 21.
(13) OJ L 49, 17.2.2007, p. 30.
(14) OJ L 332, 18.12.2007, p. 27.
(15) OJ L 115, 17.4.1998, p. 31.
(16) OJ L 281, 23.11.1995, p. 31.
(17) OJ L 105, 13.4.2006, p. 54.
(18) OJ L 364, 9.12.2004, p. 1.
(19) OJ L 184, 17.7.1999, p. 23.
(20) OJ C 306, 17.12.2007, p. 1.
(21)+ Two years from the date of entry into force of this Directive.


ANNEX I

DESCRIPTION OF FACILITIES AND SERVICES REFERRED TO IN ARTICLE 10 (CONTROL OF EXPENDITURE), ARTICLE 29 (ADDITIONAL FACILITIES) AND ARTICLE 30 (FACILITATING CHANGE OF SUPPLIER)

Part A

Facilities and services referred to in Article 10:

(a)  Itemised billing

Member States are to ensure that national regulatory authorities, subject to the requirements of relevant legislation on the protection of personal data and privacy, may lay down the basic level of itemised bills which are to be provided by designated undertakings (as established in Article 8) to end-users free of charge in order that they can:

   i) allow verification and control of the charges incurred in using the public communications network at a fixed location and/or related publicly available telephone services, and
   ii) adequately monitor their usage and expenditure and thereby exercise a reasonable degree of control over their bills.

Where appropriate, additional levels of detail may be offered to subscribers at reasonable tariffs or at no charge.

Calls which are free of charge to the calling subscriber, including calls to helplines, are not to be identified in the calling subscriber's itemised bill.

(b)  Selective call barring for outgoing calls, free of charge

i.e. the facility whereby the subscriber can, on request to a designated undertaking that provides telephone services, bar outgoing calls or other kinds of communication of defined types or to defined types of numbers free of charge.

(c)  Pre-payment systems

Member States are to ensure that national regulatory authorities may require designated undertakings to provide means for consumers to pay for access to the public communications network and use of publicly available telephone services on pre-paid terms.

(d)  Phased payment of connection fees

Member States are to ensure that national regulatory authorities may require designated undertakings to allow consumers to pay for connection to the public communications network on the basis of payments phased over time.

(e)  Non payment of bills

Member States are to authorise specified measures, which are to be proportionate, non-discriminatory and published, to cover non-payment of bills of operators designated in accordance with Article 8. These measures are to ensure that due warning of any consequent service interruption or disconnection is given to the subscriber beforehand. Except in cases of fraud, persistent late payment or non-payment, these measures shall ensure, as far as is technically feasible, that any service interruption is confined to the service concerned. Disconnection for non-payment of bills should take place only after due warning is given to the subscriber. Member States may allow a period of limited service prior to complete disconnection, during which only services that do not incur a charge to the subscriber (e.g. "112" calls) are permitted. Access to emergency services through "112" may be blocked in case of repeated misuse by the user.

(f)  Cost control

Member States shall ensure that national regulatory authorities require all undertakings providing electronic communication services to offer means for subscribers to control the costs of telecommunication services, including free of charge alerts to consumers in case of abnormal consumption patterns.

(g)   Best advice

Member States shall ensure that national regulatory authorities require all undertakings providing electronic communication services to recommend their best available tariff package to consumers once a year on the basis of the consumer's consumption pattern for the previous year.

Part B

List of facilities referred to in Article 29:

(a)  Tone dialling or DTMF (dual-tone multi-frequency operation)

i.e. the public communications network supports the use of DTMF tones as defined in ETSI ETR 207 for end-to-end signalling throughout the network both within a Member State and between Member States.

(b)  Calling-line identification

i.e. the calling party's number is presented to the called party prior to the call being established.

This facility should be provided in accordance with relevant legislation on protection of personal data and privacy, in particular Directive 2002/58/EC.

To the extent technically feasible, operators should provide data and signals to facilitate the offering of calling-line identity and tone dialling across Member State boundaries.

(c)   Services in the event of theft

Member States shall ensure that a freephone number common to all mobile telephony service providers is set up for reporting the theft of a terminal and immediately suspending the services associated with the subscription. It must also be possible for disabled users to access this service. Users must be regularly informed of the existence of this number, which must be easy to remember.

(d)   Protection software

Member States shall ensure that national regulatory authorities are able to require operators to make available free of charge to their subscribers reliable, easy-to-use and freely and fully configurable protection and/or filtering software to prevent access by children or vulnerable persons to content unsuitable to them.

Any traffic monitoring data that this software may collect is for the use of the subscriber only.

Part C

Implementation of the number portability provisions referred to in Article 30

The requirement that all subscribers with numbers from the national numbering plan, who so request can retain their number(s) independently of the undertaking providing the service shall apply:

   a) in the case of geographic numbers, at a specific location; and
   b) in the case of non-geographic numbers, at any location.

This paragraph does not apply to the porting of numbers between networks providing services at a fixed location and mobile networks.


ANNEX II

INFORMATION TO BE PUBLISHED IN ACCORDANCE WITH ARTICLE 21 (TRANSPARENCY AND PUBLICATION OF INFORMATION)

The national regulatory authority has a responsibility to ensure that the information in this Annex is published, in accordance with Article 21. It is for the national regulatory authority to decide which information is to be published by the undertakings providing public communications networks and/or publicly available telephone services and which information is to be published by the national regulatory authority itself, so as to ensure that consumers are able to make informed choices. ▌

1.  Name(s) and address(es) of undertaking(s)

i.e. names and head office addresses of undertakings providing public communications networks and/or publicly available telephone services.

2.  Description of services offered

2.1.  Scope of the services offered

2.2.  Standard tariffs, indicating the services provided and the content of each tariff element (e.g. charges for access, all types of usage charges, maintenance charges) ▌. Details of standard discounts applied, special and targeted tariff schemes and any additional charges, as well as costs with respect to terminal equipment, shall also be included.

2.3.  Compensation/refund policy, including specific details of any compensation/refund schemes offered.

2.4.  Types of maintenance service offered.

2.5.  Standard contract conditions, including any minimum contractual period, termination of the contract, procedures and direct charges related to the portability of numbers and other identifiers, if relevant.

3.  Dispute settlement mechanisms including those developed by the undertaking.

4.  Information about rights as regards universal service, including where appropriate the facilities and services mentioned in Annex I.


ANNEX III

QUALITY OF SERVICE PARAMETERS

SUPPLY-TIME AND QUALITY-OF-SERVICE PARAMETERS, DEFINITIONS AND MEASUREMENT METHODS REFERRED TO ARTICLES 11 AND 22

For undertaking designated to provide access to a public communications network

PARAMETER

(Note 1)

DEFINITION

MEASUREMENT METHOD

Supply time for initial connection

ETSI EG 202 057

ETSI EG 202 057

Fault rate per access line

ETSI EG 202 057

ETSI EG 202 057

Fault repair time

ETSI EG 202 057

ETSI EG 202 057

For undertaking designated to provide a publicly available telephone service

Call set up time

(Note 2)

ETSI EG 202 057

ETSI EG 202 057

Response times for operator services

ETSI EG 202 057

ETSI EG 202 057

Response times for directory enquiry services

ETSI EG 202 057

ETSI EG 202 057

Proportion of coin and card operated public pay-telephones in working order

ETSI EG 202 057

ETSI EG 202 057

Bill correctness complaints

ETSI EG 202 057

ETSI EG 202 057

Unsuccessful call ratio

(Note 2)

ETSI EG 202 057

ETSI EG 202 057

Version number of ETSI EG 202 057 is 1.1.1 (April 2000)

Note 1

Parameters should allow for performance to be analysed at a regional level (i.e. no less than level 2 in the Nomenclature of Territorial Units for Statistics (NUTS) established by Eurostat).

Note 2

Member States may decide not to require that up-to-date information concerning the performance for these two parameters be kept, if evidence is available to show that performance in these two areas is satisfactory.

Legal notice - Privacy policy