Tag Archives: European commission

Fight against spam, spyware and malicious software

Fight against spam, spyware and malicious software

Outline of the Community (European Union) legislation about Fight against spam, spyware and malicious software


These categories group together and put in context the legislative and non-legislative initiatives which deal with the same topic.

Information society > Internet Online activities and ICT standards

Fight against spam, spyware and malicious software

Document or Iniciative

Communication from the Commission of 15 November 2006 to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on fighting spam, spyware and malicious software [COM(2006) 688 final – Not published in the Official Journal].


This Communication presents a summary of the initiatives adopted so far to deal with the threats posed by spam *, spyware * and malicious software (malware). It also summarises the measures that need to be taken by Member States, businesses and the EU to ensure that this problem is dealt with in a more effective manner.


The EU recently adopted measures intended to penalise illegal online activities:

  • the 2002 Directive on Privacy and Electronic Communications, which prohibits the sending of spam;
  • the 2004 Communication on Spam, which details the actions intended to supplement the Directive. These actions relate to raising awareness, self-regulation, technical solutions, cooperation and enforcing the law);
  • the Safer Internet plus programme on promoting safer use of the Internet and new online technologies;
  • the Unfair Commercial Practices Directive, which protects consumers against aggressive commercial practices;
  • meaures to raise the issue of combating spam, spyware and malware in discussions with third countries.

Action to raise awareness

Member States have launched campaigns to make users aware of the spam problem and how to deal with it. Internet service providers (ISPs) also offer their customers advice on how to protect themselves against spyware and viruses.

International cooperation

By its very nature, spam is a cross-border problem. A number of international cooperation initiatives and mechanisms for cross-border enforcement of the law have been put in place. The Commission has supported these initiatives by means of:

  • the establishment of the Contact Network of Spam Enforcement Authorities(CNSA), which promotes the sharing of best practice and cooperates on cross-border enforcement of the law;
  • support for the London Action Plan, which includes enforcement authorities from 20 countries and which has adopted a cross-border cooperation procedure;
  • cooperation between the European Union and its main international partners (particularly the United States, Canada, China and Japan) in the fight against spam, spyware, and illegal and malware.

Research and technological development

Under the Sixth Research Framework Programme, the Commission has launched various projects intended to help stakeholders combat spam and other forms of malicious software. Such actions include:

  • the establishment of a research community dedicated to malware containment;
  • the development of European infrastructure to monitor internet traffic;
  • the development of adaptive phishing filters which can detect unknown threats and cyber attacks.

Industry actions

Industry is playing a pro-active role in the fight against spam.

ISPs have introduced technical measures to combat spam, particularly in the field of anti-spam filters. They provide users with help desk support and software against spam, spyware and malware. In addition, most ISPs have inserted contractual clauses prohibiting online malpractices.

Mobile phone operators have introduced their own measures, in the form of codes of conduct intended to combat unsolicited messages.

Enforcement actions

The fight against spam is clearly yielding results. The filtering measures imposed in Finland have reduced the proportion of spam in email from 80% to 30%.

However, there are still substantial differences between Member States as regards the actual number of prosecutions. The authorities in some countries have launched a significant number of investigations, which had led to penalties for those engaging in spam activities. However, in other Member States, the number of prosecutions has been very small.


Action at Member State level

Obstacles remain to the effective implementation of the European Privacy Directive in most Member States. For progress to be made, there is need for a clear definition of responsibilities.

Close cooperation should be put in place at the national level between the authorities, network operators and ISPs. The aim is to promote the exchange of information and technical expertise, and to encourage the pursuit of online malpractices.

In addition, international cooperation continues to be a major element in the fight against spam and should therefore be encouraged. Efforts must also be made to ensure that the necessary resources (such as online complaints procedures) are dedicated to the enforcement of the law.

Industry action

Online software offers constitute a very much employed method for delivery and installation of spyware on users’ computer terminals. In order to prevent spyware from reaching end users, companies offering software products are encouraged to clearly describe all the terms and conditions of the offer and to ensure that their software complies with data protection legislation. Self-regulation and the use of quality labels can also be used to distinguish between reputable and non-reputable companies.

Companies that sell products should introduce contractual provisions that prohibit their trading partners from the illegal use of software in advertising. Also, the Commission recommends that they monitor how advertisements reach consumers and that they follow up on instances of malpractice.

Service providers are encouraged to filter electronic mail in accordance with the relevant recommendations and guidelines (especially those issued by the working group on data protection).

Action at European level

The 2006 Communication on the review of the regulatory framework for electronic communications proposes strengthening the rules on privacy and security. The Commission may also propose new rules concerning the severity of penalties for infringements.

On account of its expertise, the European Network and Information Security Agency (ENISA) has an important role to play in the fight against illegal online activities. The Commission intends to make use of this expertise to examine the viability of a European information sharing and alert system, which would react to threats to electronic networks.

New actions intended to provide better security for information systems will be launched under the Seventh Research Framework Programme.

In addition, the Commission will continue to draft agreements with third countries concerning the fight against spam, spyware and malicious software.


The large-scale sending of unsolicited electronic messages continues to cause concern. Spam accounts for 50-80% of messages sent to end users. The majority originate from outside the EU (particularly from Asia and the United States), but 25% of unsolicited messages are passed on by European countries.

The worldwide cost of spam is estimated at EUR 39 billion.

Spam is not simply a nuisance for end users, it can also be fraudulent and criminal, particularly when it makes use of phishing software.

Key terms used in the act
  • Phishing: electronic mail that convinces end users to reveal confidential data via websites that imitate the sites of bona fide companies
  • Spyware: software that is installed on a user’s computer without his knowledge. Such software transmits information on the user and his habits once connected to the internet. Such information is usually intended for use by advertisers.
  • Spam: electronic messages sent in large numbers to internet users without their consent. These unsolicited electronic messages are usually of a commercial nature. Spam is the electronic equivalent of stuffing letter boxes with advertising materials that have not been requested by their recipients.

Directorate-General for Humanitarian Aid and Civil Protection

Directorate-General for Humanitarian Aid and Civil Protection

Outline of the Community (European Union) legislation about Directorate-General for Humanitarian Aid and Civil Protection


These categories group together and put in context the legislative and non-legislative initiatives which deal with the same topic.

Humanitarian aid

Directorate-General for Humanitarian Aid and Civil Protection (ECHO)

Since the adoption of the Lisbon Treaty, the EU has had an exceptional shared competence in the area of humanitarian action, i.e. it has the power to conduct operations and a European policy in addition to those of the Member States. The Commission ensures the smooth coordination of action at European and national level.

Humanitarian aid

Humanitarian aid is specifically intended for developing countries. It is implemented via the instrument for humanitarian aid which finances emergency operations, in particular with the aim to:

  • provide assistance, relief and protection for the local population;
  • provide food aid and assistance to displaced persons;
  • support disaster preparedness and crisis rehabilitation actions.

These operations are conducted depending on the needs and interests of the victims, in accordance with international law and the principles of impartiality, neutrality and non-discrimination laid down by the European Consensus on humanitarian aid.

ECHO intervenes in partnership with organisations that have signed a framework partnership agreement with the Commission, such as the specialised agencies of the United Nations, the Red Cross, the Red Crescent and numerous non-governmental organisations.

Civil protection

ECHO also intervenes in the event of natural or man-made disasters (earthquakes, floods, industrial accidents, etc.) occurring in the EU. Its action is implemented via the Civil Protection Financial Instrument in response to requests for assistance from the countries affected.

The EU’s action involves encouraging cooperation between national civil protection services, principally with the aim of:

  • supplementing and supporting Member States’ prevention, preparedness and response activities;
  • faciliting rapid operational cooperation between Member States.

The EU can also conduct civil protection operations in non-Member States, more specifically with the accession candidate countries and the Mediterranean partner countries.


The EU is one of the world’s biggest providers of humanitarian aid funding. Since 1992, operations directed by ECHO have channelled aid to regions in crisis in more than 85 countries.

Compliance work plan and scoreboard

Compliance work plan and scoreboard

Outline of the Community (European Union) legislation about Compliance work plan and scoreboard


These categories group together and put in context the legislative and non-legislative initiatives which deal with the same topic.

Maritime Affairs And Fisheries > Management of fisheries resources and the environment

Compliance work plan and scoreboard

Document or Iniciative

Communication from the Commission – Compliance with the rules of the Common Fisheries Policy “Compliance work plan and scoreboard” [COM(2003) 344 final – Not published in the Official Journal].


Before presenting its compliance work plan, the Commission first assessed the degree of compliance in the application of the CFP. The assessment shows that the Member States have made progress. This is borne out by the introduction of vessel monitoring systems (VMS’s); more direct participation by the fisheries sector in the CFP; the progress made in terms of the means of control allocated and the implementation of comprehensive control systems by some Member States.

Deficiencies in the application of the CFP

However, some shortcomings continue to exist. These can be attributed in particular to the following:

  • delays in national authorities implementing of Community requirements concerning fisheries controls;
  • deficient application of restrictions on catches (TACs and quotas) and the fishing effort (number of days at sea);
  • the fact that the capacity of the Member States’ fishing fleet is not adapted to fishing opportunities (contrary to Article 11 of Regulation (EC) No 2371/2002);
  • shortcomings in the national control systems and irregularities in the collection of the data communicated to the Commission;
  • shortcomings in the data sent to the Community fleet register (engine power).

Continuing to fish after quotas have been exhausted generates fishing mortality for the stocks concerned throughout the year at a level much higher than allowed. This explains why the mortality rate for some stocks (cod, hake, etc.) has not fallen in proportion to these restrictions. In addition, inspection and monitoring by the Member States is inadequate and the collection of data is unsatisfactory. These have to be improved.

Compliance work plan

In order solve these deficiencies, the Commission is proposing a compliance work plan intended to achieve a more effective, uniform and equitable application of the rules of the CFP by all the Member States. It focuses on three areas:


Cooperation with and between Member States

Cooperation with the Member States within the Management Committee for Fisheries and Aquaculture and the fisheries control expert group should be enhanced. In particular, the rules on the fishing fleet should be examined and deficiencies observed in the Member States’ inspection and control systems should be raised. These forums are also responsible for monitoring the implementation of joint inspection programmes. The Commission will take responsibility for coordinating its activities with those of the Member States.

Cooperation with the sector

The work plan is also intended to provide support for the fisheries sector. The economic viability of the sector depends on the health of fish stocks and on compliance with rules. However, fishermen are unwilling to apply them for fear of unfair competition from other market participants who are not complying with the rules. For this reason, it is not only essential that a more level playing field in terms of control is guaranteed, but also that the sector is informed on the degrees of compliance achieved.

The forums intended to deal with these issues are the Advisory Committee for Fisheries and Aquaculture(ACFA) and the Regional Advisory Councils (RACs). They make it possible to improve understanding of the CFP in the fisheries sector, to seek the opinion of the sector on drafts of legislative proposals, to present compliance scoreboards (see below) and to examine any complaints from the sectors concerning unfair competition resulting from the lack of a level playing field in the application of the rules by the Member States.


Compliance scoreboard

To improve transparency, the Commission has drawn up a compliance scoreboard, which it publishes each year. The scoreboard, which is published on the internet, makes it possible to compare the Member States’ compliance with their obligations under the CFP, in particular as regards:

  • conservation of fisheries resources;
  • fleet management;
  • structural policy;
  • control and enforcement.

The compliance scoreboard also provides an overview of the infringement procedures launched by the Commission and the number and subject matter of missions carried out by its inspectors.



It is proposed that the Commission and the Member States adopt the same priorities in terms of inspection and control. The first priority relates to stocks that exceed the biological limits in certain ICES divisions. For such stocks, recovery plans will be drawn up, accompanied by specific monitoring programmes, coordinated and enhanced by the Member States. The Commission will carry out inspections, possibly without the aid of national inspectors, in order to monitor implementation of the programmes.

Secondly, the Commission inspectors will verify the Member States’ compliance concerning:

  • the application of restrictions on fishing effort in the North Sea, the west of Scotland and Rockall ICES divisions;
  • the application of conservation measures for highly migratory species;
  • compliance with the requirements for keeping a log book in the Mediterranean Sea;
  • the effectiveness of the measures taken to monitor engine power.

Thirdly, the Commission will cooperate with third countries:

  • via bilateral agreements;
  • within regional fisheries organisations;
  • within the Food and Agriculture Organisation of the United Nations as regards illicit fishing. This cooperation also requires coordination of measures at Community level.

Lastly, the Commission will aid in extending VMS to include small vessels and will improve its implementing provisions. It also intends to provide support for pilot projects relating to remote sensing and the electronic logbook.

Transfer of tasks

The Commission has decided to delegate other tasks to the Member States in order to devote more time to the priorities mentioned above. This is the case for the monitoring of compliance with the rules in the NAFO and NEAFC zones, which come under the responsibility of the Member States in accordance with the basic regulation.

Enforcement measures

In accordance with the basic regulation, the Member States must deprive those responsible for committing infringements of any economic benefit thus gained and also deter them from committing any further infringements of this kind in the future. To obtain compliance with the rules, the Commission makes use of the means granted to it under the CFP. It may in particular:

  • take preventative measures if fishing activities constitute a serious threat to the conservation of resources, particularly owing to landings that exceed quotas;
  • carry out deductions from a Member State’s future fishing opportunities if it has exceeded the fishing opportunities granted to it;
  • suspend financial aid under structural measures, with the exception of funds intended for the dismantling of vessels, if a Member State’s fleet capacity exceeds the limits imposed on it;
  • launch formal infringement procedures where deficiencies are identified in the national control and enforcement systems jeopardising certain vulnerable stocks.

In general terms, the Commission acts in accordance with the following guidelines:

  • to facilitate compliance with the rules by actively supporting the Member States and by ensuring cooperation between them;
  • to increase transparency as regards compliance with the rules, particularly through the publication of a compliance scoreboard;
  • to give priority to inspections concerning the Member States’ application of the rules of the CFP for certain vulnerable stocks (particularly as regards inspections carried out without the assistance of national inspectors);
  • to request that the Member States carry out an administrative inquiry into the illegal landings of cod and hake;
  • to limit the number of referrals to the Court of Justice in the event of non-compliance with conservation and control measures and of deficiencies in the national control and enforcement systems that fundamentally affect the effectiveness of these measures;
  • to make use of the commercial, trade and tax data to identify such illegal landings.


The compliance work plan and scoreboard form part of the monitoring of the reform of the CFP.

They form part of a convergence process initiated by the action plan for cooperation in enforcement which ultimately led to the creation of a joint inspection structure: the Community Fisheries Control Agency. Even though the Community Agency has been set up in the meantime, the compliance scoreboard continues to be published every year. It makes it possible to improve transparency, thereby encouraging all the Member States to enforce the rules of the CFP.

Related Acts

Communication from the Commission, of 21 March 2003, ‘Towards uniform and effective implementation of the Common Fisheries Policy’. [COM(2003) 130 final – Not published in the Official Journal].

Communication from the Commission, of 28 May 2002, on the reform of the Common Fisheries Policy – Roadmap. [COM(2002) 181 final – Not published in the Official Journal].

Definition of micro, small and medium-sized enterprises

Definition of micro, small and medium-sized enterprises

Outline of the Community (European Union) legislation about Definition of micro, small and medium-sized enterprises


These categories group together and put in context the legislative and non-legislative initiatives which deal with the same topic.

Enterprise > Business environment

Definition of micro, small and medium-sized enterprises

Document or Iniciative

Commission Recommendation 2003/361/EC of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises [Official Journal L 124 of 20.05.2003].


The definition of micro, small and medium-sized enterprises is updated to take account of economic developments since 1996 (inflation and productivity growth) and the practical lessons learnt.

The new definition thus qualifies small and medium-sized enterprises (SMEs) and the concept of the microenterprise. It strengthens the efficiency of the Community programmes and policies designed for these businesses. The aim is to ensure that enterprises whose economic power exceeds that of an SME do not benefit from the support mechanisms specifically intended for SMEs.

Micro, small and medium-sized enterprises

Micro, small and medium-sized enterprises are defined according to their staff headcount and turnover or annual balance-sheet total.

A medium-sized enterprise is defined as an enterprise which employs fewer than 250 persons and whose annual turnover does not exceed EUR 50 million or whose annual balance-sheet total does not exceed EUR 43 million.

A small enterprise is defined as an enterprise which employs fewer than 50 persons and whose annual turnover and/or annual balance sheet total does not exceed EUR 10 million.

A microenterprise is defined as an enterprise which employs fewer than 10 persons and whose annual turnover and/or annual balance sheet total does not exceed EUR 2 million.

Autonomous, partner, linked enterprises

The new definition of an SME clarifies the typology of enterprises. It distinguishes between three types of enterprise on the basis of the type of relations they have with other enterprises in terms of percentage interest in capital, voting rights or the right to exercise a dominant influence:

  • autonomous enterprises;
  • partner enterprises;
  • linked enterprises.

Autonomous enterprises are by far the most common. These include all enterprises which are not one of the other two types (partner or linked). An enterprise is autonomous if it:

  • does not have a holding of 25 % or more in another enterprise;
  • is not owned 25 % or more by an enterprise or public body or jointly by several linked enterprises or public bodies, with a few exceptions;
  • does not draw up consolidated accounts and is not included in the accounts of an enterprise which draws up consolidated accounts and is thus not a linked enterprise.

An enterprise may continue to be considered autonomous, even if this 25 % ceiling is reached or exceeded, if there are certain categories of investor who play a positive role in business financing and creation, such as “business angels”.

Partner enterprises: This type represents the situation of enterprises which establish major financial partnerships with other enterprises, without the one exercising effective direct or indirect control over the other. Partners are enterprises which are neither autonomous nor linked to one another. An enterprise is a partner of another enterprise if:

  • it has a holding of 25 % to less than 50 % in the other enterprise;
  • the other enterprise has a holding of 25 % to less than 50 % in the applicant enterprise;
  • the applicant enterprise does not draw up consolidated accounts which include the other enterprise, and is not included by consolidation in the accounts of the other enterprise or of an enterprise linked to it.

Linked enterprises correspond to the economic situation of enterprises which form a group through the direct or indirect control of the majority of the capital or voting rights (including through agreements or, in certain cases, through individual shareholders), or through the ability to exercise a dominant influence on an enterprise. Such cases are thus less common and very different from the two preceding types. To avoid difficulties of interpretation for enterprises, the European Commission has defined this type of enterprise by adopting – wherever they are suitable for the purposes of the definition – the conditions set out in Article 1 of Council Directive 83/349/EEC on consolidated accounts, which has been in application for several years. An enterprise will thus generally know immediately that it is linked, since it is already required under that Directive to draw up consolidated accounts or is included by consolidation in the accounts of an enterprise which is required to draw up such consolidated accounts.

Staff headcount relevant to the definition of micro, small and medium-sized enterprises

The staff headcount is measured in annual work units (AWU), i.e. the number of persons who worked full-time within the enterprise in question or on its behalf during the entire reference year under consideration. The work of persons who have not worked the full year or have worked part-time is counted as fractions of AWU. Apprentices or students engaged in vocational training under an apprenticeship or vocational training and maternity or parental leave are not counted.

Legal value of the definition

The definition of micro, small and medium-sized enterprises is binding only for certain matters, such as State aid, implementation of the Structural Funds or Community programmes, particularly the Framework Programme on Research and Technological Development.

The European Commission nevertheless urges the Member States, the European Investment Bank and the European Investment Fund to use it as a reference. The measures taken in support of SMEs will then be more consistent and effective.


To allow a smooth transition at Community and national level, the new definition has been used since 1 January 2005.

On the basis of a review of the application of the definition of 6 May 2003, and taking account of any amendments to Article 1 of Directive 83/349/EEC on the definition of linked enterprises within the meaning of that Directive, the Commission will if necessary amend this definition, particularly the ceilings for turnover and for the balance-sheet total, in order to take account of experience and economic developments in the European Union.


The Commission adopts a new definition of micro, small and medium-sized enterprises to replace, from 1 January 2005, the definition laid down in Recommendation 96/280/EC.


Act Entry into force Deadline for transposition in the Member States Official Journal
Recommendation 2003/361/EC 1.1.2005 OJ L 124 of 20.5.2003