English
The law of cybersecurity is likely to be passed this year, deputy Georgian Pop, president of the Commission for the audit of the activity of the SRI, says.
The Romanian Constitutional Court (CCR) announced, early this year, that the law concerning Cybersecurity violates the provisions of the Constitution concerning the rule of law and the principle of legality, as well as those concerning privacy and family life, specifically the secrecy of correspondence. The reason invoked by the Romanian Constitutional Court was that the national authority in the field of cybersecurity should be a civilian entity, to guarantee those rights, instead of the National Cybersecurity Center (CNSC), which already operates as part of the SRI.
During the National Cybersecurity conference organized on May 21st, by BURSA and IntelSeCo, in association with Swiss Webacademy, the Romanian Banking Association and the Romanian Banking Institute, Mr. Pop explained: "I think that the manner in which the debate concerning this has been approached is the right one: the Presidency has called every political party to sit down at the negotiations table and the result was a version that was agreed on by everybody, in line with what the Constitutional Court ruled last winter. The support of the entire political spectrum for such a law that was absolutely necessary is very important. That is why I think that it will be passed quickly and will come into effect this year".
The MP wanted to mention that the Ministry for the Computerized Society is the initiator of the law and that it will put it up for public debate soon. According to the quoted source, politicians are now faced with the challenge of regulating cyberspace and keeping the balance between the right to citizens' private life and the interest of providing the necessary tools for fighting cybernetic attacks.
Georgian Pop mentioned that, amid the need to regulate cyberspace, major controversies have been sparked in the public space, because honest people think that the measures for preventing or fighting these attacks are actually aimed at them.
The head of the Commission for exercising parliamentary control of the activity of the SRI explained: "Cybersecurity is a relatively new segment. For us politicians, the main dilemma that arises is to find a fair balance. We need to find those mechanisms that are even intrusive sometimes, to protect citizens, the institutions of the state or the social systems from attacks or harmful actions. From that perspective, controversies arise because the honest people think that the negative measures through which we try to offset every negative action in the cybersecurity area are directed against them, but that is not true. Paradoxically, perhaps our spies use those benefits as well, but their certainly use those as well. This raises a great responsibility for us to, in a relatively short amount of time, to find a legal juridical regulation and to provide the institutions of the state with judicial tools to get their job done".
The ruling of the Constitutional Court of January created a legislative vacuum in the sector, which needs to be resolved quickly, given the current geopolitical context. Georgian Pop claims that Romania is now in the paradoxical situation where at NATO's summit in Wales, last year, it was awarded the extremely important mission of ensuring Ukraine's cybersecurity, through the SRI (Romanian Intelligence Service), but it still doesn't have a law regulating cyberspace to this day. "We now have the responsibility to find those formulas that will allow the new law to comply with the rulings of the Constitutional Court. On the other hand, the law should uphold the social and individual development of every citizen thanks to be benefits of technology, but we also need to succeed in stopping hackers, terrorists, organized crime or spies that want to use cyberspace for their own gain and to our detriment", Mr. Pop said in closing.
The draft law concerning the cybernetic security to create the National Cybersecurity System (SNSC), which reunites the authorities and public institutions with responsibilities and capabilities in the security field. The authorities and the public institutions of the SNSC were going to collaborate with the owners of cybernetic infrastructure, the academic environment, the business environment, the professional associations and the non-governmental organizations.
At yesterday's BURSA conference, heavy debates were held around the national cybersecurity national authorities, namely whether it should be overseen by the SRI or by the civil society.
Deputy Georgian Pop said that balance is essential in the passing of this law and he said that he doesn't know what the new version of this law will include when it comes to the control authority: "Access to private data can not be done without a warrant from a judge. The new law will not include anything different in that regard. The problem is what kind of warrants are granted. This is the dilemma of the blank warrant that allows the competent entities to access the data of many citizens. In reality, it sets a circle of suspects, as small as possible, and then the warrant is requested. We also need to give the public the following situation to think about: we are dealing with sophisticated attacks of cybernetic espionage. They are being countered by the SRI, which is trained for such situations and does preventive activities. SRI works with classified data. If the oversight authority will be controlled by the civil society, how will the SRI transfer that classified data? And in spite of this, there are still debates about competence and the guarantee that this type of entity can protect you".
In turn, Bebe Viorel Ionică, secretary of state in the Ministry for Computerized Society, said that the institution will put up for debate in the coming period the new draft law, which is intended to produce a more succinct approach compared to the old one which was rejected by the Romanian Constitutional Court. The text of the law will be synthetic, with explicit provisions concerning the citizens' rights and the supervisory authority.
Adrian Ceparu, the representative of civil society, said that the lack of cyber specific legislation causes far greater harm than the existence of regulations concerning that field: "Priority zero should be the passing of a clear, succinct legislative framework, with clear provisions concerning every situation and a wide, fair public debate".
The BURSA conference was attended by over 150 participants from among companies specializing in IT&C and cybersecurity, from among companies in every economic sector that need solutions for protection against cybernetic attacks, as well as lawyers and consultants.
Euro
Dolar SUA
Franc elveţian
Liră sterlină
Gram de aur
