By Daria Catalui
Some time ago, in 2007, when I was studying Public Policy and e-Government at the University of Bucharest and reading about the EU Digital priorities with interest, Romania was joining The Club, becoming a full member of the EU family. Naturally, this was a celebrated moment with many promising ideals especially for students, young professionals, and youth in general. It proved to be the beginning of a dynamic transition period with both opportunities and pitfalls. Essentially, the road to integration started back then.
Time-travelling to January 2019, the beginning of #RO2019EU (the Romanian Presidency of the Council of the EU), the once-upon-a-time student – now a cyber professional in Brussels – observes different kinds of changing aspects in the Romanian reality.
For instance, among the driving forces of this presidency, I would refer to Romania’s leadership role in key areas for the EU such as the Danube region strategy, the Black Sea synergies, and the Neighborhood policy with the Balkans…and of course to this being the first time that the rotating Presidency of the Council of the EU is assumed by one of the latest member states, a country with its own regional and national challenges.
It was against this background that the #RO2019EU marathon started and that for the first six months of 2019 a young gender-balanced team – led by a female top diplomat – went through long days of EU file negotiations. This was done in close collaboration with agenda-driven officials from the European Commission, with ambitious politicians from the European Parliament, and indeed with tireless diplomatic representatives from the member states.
Officially, this presidency aimed at bringing a contribution to ensure convergence and cohesion in Europe, in order to achieve sustainable and equal development opportunities for all citizens and member states…by increasing competitiveness and reducing development gaps, by promoting connectivity and digitalization, by stimulating entrepreneurship, and by consolidating the EU industrial policy (more here).
Nonetheless, one single topic attracted the attention of the once-upon-a-time student in Bucharest – now transitioned to the European capital like many other EU aficionados.
This single topic focused on the intersection between offline risks and online risks, that is on the awareness and training options all EU citizens should have in order to be cyber savvy (in fact, a trendy topic nowadays for many, if we look how high it has been raised on the public agenda worldwide).
It was a priority for #RO2019EU too, and as one of the people directly involved in the presidency, I would assess that each month brought a cyber achievement for the EU block as a whole:
- March, negotiations: This milestone, achieved on March 13, was focused on the creation of a European Cybersecurity Industrial, Technology and Research Centre. The starting point took place when the EU ambassadors granted the Council Presidency a mandate to start talks with the European Parliament on pooling cybersecurity expertise (more here). The working group for this project had intense discussions and negotiations over long hours, ending in a stable text for legislators to consider. What I could observe in this process is the motivation of all involved stakeholders to ramp up the cyber capabilities and promote a consolidation of the EU’s financing lines on cybersecurity. The next rotating presidency in Finland, #EU2019FI, will continue this work.
- April, event: Focused on the topic of disinformation and role of cyber controls, I would recommend the presentations from the High-Level Conference on the Fight against Online Disinformation. The speakers touched upon the main problems we have regarding disinformation and, at the same time, advanced some common-sense advice. The event was timely scheduled, on the eve of the European Elections, and included several exercises on regional and national elections. Much should be done on this, although I observe a need for walking the talk on this subject together with the big private players.
- May, publication: A framework published by the Council of the EU that allows the EU to impose targeted restrictive measures to deter and respond to cyberattacks constituting an external threat to the EU or its member states. Cyberattacks against third states or international organizations where restricted measures are considered necessary to achieve the objectives of the Common Foreign and Security Policy (CFSP) were also included (more here). This framework was, indeed, a milestone for the debate on cyber attribution, because after having exercised, planned, and discussed how to coordinate its efforts, now the EU block could also deploy effective measures. Of course, this milestone is a first step, and much should be done on improving the times of response, on gathering knowledge on the technical aspects, and on sharing information as part of the process by default.
- June, news: The entry into force of the EU Cyber Security Act was the big cybernews. This act has two main objectives: (1) strengthening the mandate of the EU’s cyber security agency (ENISA) to support EU member states with tackling cyber security threats and attacks, and (2) establishing an EU‐wide cyber security certification framework. This is a policy package long negotiated and taken care of by the European Commission’s DG Connect I would like to highlight the excellent timing to endorse ENISA’s good work over the years (kudos to my former colleagues!) and good complementarity with the EU Cyber Security Strategy adopted in 2013. I only hope the certification will benefit of some swift progress during the next months in order to create a clear path for all stakeholders involved.
As a conclusion, the topic of Cyber in the EU has received important updates in the last months, which means that any student working on this policy area will have a lot to analyze and debug. For a Romanian student back in Bucharest, these new times have brought unique opportunities, like being able to be involved at the core of the EU decision-making, as a part of the team having the leading role.
In such times, the normality transitioned by new member states refers to studying the EU block rules, to understanding and integrating them as part of one’s own. But – spot on observation! – a presidency mandate develops the overall EU solidarity and its diplomatic networks, giving the opportunity to integrate new styles and fresh views. Ultimately, it participates to a process of reciprocal better cultural understanding and discovery.
The author, Daria Catalui, is an experienced cyber-training and awareness professional having contributed to the work of #RO2019EU, to the European Commission’s corporate awareness program, and to ENISA’s initiatives for digital education. You can follow her on Twitter or connect with her on LinkedIn.