Release of a classified document to ENISA - Main contents
Contents
Document date | 30-05-2011 |
---|---|
Publication date | 22-01-2013 |
Reference | 10864/11 |
From | The General Secretariat |
To | Coreper |
External link | original PDF |
Original document in PDF |
COUNCIL OF Brussels, 30 May 2011 PUBLIC
THE EUROPEAN UNION
10864/11
LIMITE
CSC 29
“I” ITEM NOTE
From: The General Secretariat
To: Coreper
Subject: Release of a classified document to ENISA
-
1.Regulation (EC) No 460/2004 i of the European Parliament and of the Council of 10 March 2004 establishes the European Network and Information Security Agency, ENISA 1 , which is a
Union Agency. The mission of ENISA is to achieve a high and effective level of network and information security within the European Union by preventing, addressing and responding to network and information security problems.
-
2.The Commission has recently put forward a proposal aimed at modernising and broadening
ENISA's mandate (see doc. 14358/10) which is currently under discussion in the Council. Inter alia, the revised mandate would introduce a new article 17 into ENISA's founding act providing for ENISA to handle, process and store classified information once it has adopted internal rules of operation applying the security principles contained in Commission Decision 2001/844/EC.
1 OJ L 77 of 13.3.2004, p 1
10864/11 VL/jb 1
-
3.In June 2010, the Council Security Committee (CSC) agreed that representatives of the
agencies and bodies which apply the Council's security regulations (namely Europol, Eurojust, EUSC and EDA) should be invited to attend meetings of the CSC whenever any substantive discussion took place on changes to the Council security rules or on security policies and guidelines to implement them (see doc 11425/10). ENISA has since also been invited to attend CSC meetings, as under its revised mandate it will apply the Commission's security provisions.
-
4.In June 2010, the CSC also concluded that it would be desirable for the GSC to be able to
exchange classified information up to RESTREINT UE/EU RESTRICTED with ENISA, and that an administrative arrangement in the form of an exchange of letters should be sought to that end, in accordance with the Council's security rules. Work is still underway on such an administrative arrangement with ENISA.
-
5.On 13 May 2011, the CSC agreed to recommend that the draft policy on cryptography
(doc. 10745/11 RESTREINT UE/EU RESTRICTED) be made available to ENISA.
-
6.In light of the above, Coreper is therefore requested to authorise the ad hoc release of the draft
policy on cryptography (doc. 10745/11 RESTREINT UE/EU RESTRICTED) to ENISA, on the understanding that the letter releasing the document to the Executive Director of ENISA in Annex will require ENISA to confirm in writing that it will protect the classified document in question in accordance with the Council's security rules.
_________________
ANNEX
Re: Draft policy on cryptography - document classified as RESTREINT UE/EU RESTRICTED
[… June 2011]
Dear Dr Helmbrecht,
In the context of ENISA's attendance at Council Security Committee meetings, please find enclosed the draft policy on cryptography which is classified as RESTREINT UE/EU RESTRICTED.
I would ask you to confirm in writing that this document will retain the security classification
RESTREINT UE/EU RESTRICTED given to it by the General Secretariat of the Council (GSC)
and will be safeguarded in accordance with the Council's security rules 1 . In particular:
− ENISA will not use the information or the document for purposes other than those for which it
has been released to ENISA;
− ENISA will not disclose the information or the document to third parties without the prior
written consent of the GSC;
− ENISA will ensure that access to the information or the document will be authorised only for
individuals who have a need-to-know;
− ENISA will ensure that, before being given access to the information or the document, all
individuals who require access thereto are briefed on and comply with the protective security requirements for the information they are to access;
− The document, which is classified as RESTREINT UE/EU RESTRICTED, is being forwarded
to ENISA in hard copy only. It may not be handled or stored in communication or information systems;
1 Council Decision 2011/292/EU, OJ L 141 of 27 May 2011, page 17.
− ENISA will ensure that all premises, areas, buildings, offices, and rooms in which this EU
classified information or document is stored and/or handled, are protected by appropriate physical security measures.
− ENISA will ensure that, on receipt, the document is recorded in a special register. ENISA will
ensure that any copies thereof made by the recipient, as well as their distribution and destruction, are recorded in this special register;
− ENISA will notify the GSC of any case of compromise of the document or information. In
such a case, ENISA will initiate investigations and take appropriate measures to prevent a recurrence.
Sincerely yours,
Pierre DE BOISSIEU
Secretary-General
Cc: Mr Alex Van Decraen, Security Officer, ENISA
The EU Monitor enables its users to keep track of the European process of lawmaking, focusing on the relevant dossiers. It automatically signals developments in your chosen topics of interest. Apologies to unregistered users, we can no longer add new users.This service will discontinue in the near future.