Designating programmes and companies as ‘dangerous’ from the point of view of cyber defence

6.3.2019

Question for written answer P-001206-19
to the Commission
Rule 130
Gerolf Annemans (ENF)

On 13 June 2018, the European Parliament adopted a Resolution[1] on cyber defence. Paragraph 76 names a private business, namely Kaspersky Lab, whose programmes it brands ‘dangerous’ and even ‘malicious’, without any further explanation.

1. Does the Commission know of any reason other than certain press articles that justifies the labelling of Kaspersky as ‘dangerous’ or ‘malicious’, especially since Member States such as Germany[2], France[3] and Belgium[4] do not perceive any problems with cooperation with the firm concerned?2. Does the Commission know whether any programmes and devices other than those of Kaspersky were discussed with a view to an EU ban?3. Does the Commission know of any reports or opinions of cyber experts or consultancies about Kaspersky Lab, and can it give me references to them?

• [1] http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P8-TA-2018-0258+0+DOC+XML+V0//NL&language=NL
• [2] http://dipbt.bundestag.de/doc/btd/19/060/1906048.pdf
• [3] http://www.senat.fr/compte-rendu-commissions/20181001/etr.html
• [4] https://www.tijd.be/nieuws/archief/belgie-bant-russische-antivirussoftware-niet/10064355.html