With more than 90% of companies and 40% of households in the EU having internet access and public administrations moving towards electronic government, the security of networks and information systems has become a key concern, especially after the events of September 11, 2001, according to the Commission.
It added that broadband connections, enabling people to connect to the internet at all times, and new wireless applications, have multiplied the potential risks.
The proposed European Network and Information Security Agency will, according to the Commission, serve as an advice centre for Member States and EU institutions on matters relating to cyber security.
It will also provide assistance to the already existing cyber crisis units of Member States, known as Computer Emergency Response Teams, and will help in ensuring interoperability on information security functions in networks and information systems.
According to the Commission's proposals, the Agency will be managed by an Executive Director possessing "a high degree of independence and expertise", and will employ 30 experts charged with the task of rapidly exchanging information across Member States, once a threat is detected.
The operation of the Agency will rely heavily on voluntary disclosure from both the private and public sectors. The proposal does not provide for a body to force organisations disclose information about attacks on their networks.
The Agency, scheduled to start its operations in January 2004, is expected to cost €24 million in the first five years. A further €9 million will be added to the budget once the 10 accession candidate countries join the EU.
According to the plan, the Agency will be open to participation by third countries, on condition that they have entered into agreements with the EU to adopt and apply Community law in the areas of cyber crime and information security.
The proposal needs the support of the majority of Member States and the European Parliament.
At present, both public and private organisations with different objectives gather data on IT incidents, but there is no central entity at EU level to analyse such data and support national cyber security efforts.
The Commission's proposal has not yet been made available on-line, but it will appear at:
europa.eu.int/eeurope