Counterterrorism Blog

Who’s responsibility for protecting critical infrastructure from terrorist attack? The European Commission opened a major debate on the topic at the June 27th New Defense Agenda meeting in Brussels. And its initial planning calls for a modest 140 million Euro 5 year program (2007 - 2012) to help identify and prioritize vulnerabilities. But the Commission is likely to pass on to owners and operators the actual responsibilities to pay for and implement preventive and protective procedures. Magnus Ovilius, a senior administrator at the Commission's DG Justice, Freedom and Security, told the gathering that it shouldn’t be left up to the bureaucrats in Brussels to determine “what should be done on the ground.” “We don't need to spend a lot of money," he said, arguing that the Commission should limit its role to threat assessment. This might include helping to delineate where and when funds could be spent in a relevant manner.
For its part the EU Commission has already begun work on putting together a Critical Infrastructure Warning Information Network (CTWIN) and is setting up a European Network and Information Security Agency (ENISA). The latter will incorporate aviation and maritime security and inspection oversight. The EU is also considering its role in providing protection for critical infrastructure, such as power plants that have potential trans-boundary effects. However, they will leave to member states the task of delineating local prevention and protection requirements. EU member states are to report back on this by the end of 2005. Details of European thinking on critical infrastructure protection issues are contained in the joint EU Council/Parliamentary report: Critical Intrastructure Protection in the Fight Against Terrorism.