Digital Security

Call summary and aims

This Call deals with R&D and innovation towards enhancing digital security.

Proposals under this call should consider the relevant human factor and social aspects when developing innovative solutions. Where relevant, proposals should also describe how the gender dimension is taken into account in their content.

Whereas activities will have an exclusive focus on civil applications, coordination with the activities of the European Defence Agency (EDA) may be considered with possible synergies being established with projects funded by the EDA programmes[[http://eda.europa.eu/what-we-do/eda-priorities/research-technology]]. The complementarity of such synergies should be described comprehensively. On-going cooperation should be taken into account. Only an explicit and firm commitment from EDA-funded projects to contribute to a project may positively impact the evaluation of a proposal submitted under this work programme part.

In this Call, "standards" and "standardisation" are used in a broad sense, except where they are specifically referred to as "European standards" or "European standardisation".

For grants awarded under these topics for Innovation Action and/or Research and Innovation Action, the Commission or Agency may object to a transfer of ownership or the exclusive licensing of results to a third party established in a third country not associated to Horizon 2020. The respective option of Article 30.3 of the Model Grant Agreement will be applied.

All topics in this work programme part will be subject to security scrutiny.

It is expected that this call will continue in 2020.

Cybersecurity, Digital Privacy and data protection

The aim of this Call is to ensure society as a whole benefits from user-friendly systems on cybersecurity, digital privacy and personal data protection, enabling an active participation of citizens and organisations to their own security, privacy and personal data protection.

Trust and security are at the core of the Digital Single Market Strategy[[Communication "A Digital Single Market Strategy for Europe" of 6.5.2015 - COM(2015) 192 final]], while the fight against cybercrime is one of the three pillars of the European Agenda on Security[[ Communication "The European Agenda on Security" of 28.4.2015 – COM (2015) 185 final]]. The new set of measures in the area of cybersecurity building on previous actions has been recently announced in the Joint Communication to the European Parliament and the Council "Resilience, Deterrence and Defence: Building strong cybersecurity for the EU"[[JOIN(2017) 450 final, Brussels, 13.9.2017]].

The compliance of the European infrastructures, products and services with relevant directives (e.g. NIS[[Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (NIS Directive)]], Data Protection Directive for Police and Criminal Justice Authorities[[Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA]]), regulations (e.g. eIDAS[[Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC]], GDPR[[Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)]], proposal for an e-Privacy regulation[[Proposal for a Regulation of the European Parliament and of the Council - COM(2017) 10 final of 10.1.2017]]) and standards (e.g. ISO27001, ISO27005) will promote trust and confidence to the European consumers and providers/suppliers, paving the way for a competitive, trustworthy Digital Single Market. Innovative solutions and services in digital security, privacy and personal data protection will open new market opportunities for the EU companies and will ensure a secure and trusted networked environment for the governments, businesses, individuals and smart things. Cybersecurity and privacy technologies will significantly contribute to strengthen the competitiveness of the EU industry and will enable its development as world leader in the global market.

The Communication on "Strengthening Europe's Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry"[[COM(2016) 410 final, Brussels, 5.7.2016]] shaped the main related challenges and several strategic initiatives to address them. Established in July 2016, the contractual Public Private Partnership (cPPP) on Cybersecurity aims at building trust among Member States and industry by fostering cooperation at early stages in the research and innovation process and helping to align demand and supply. It has been an important mean of consultation for defining research and innovation priorities for 2018-2020 and it will facilitate the engagement of end-users in sectors that are important beneficiaries and customers of cybersecurity solutions (e.g. energy, transport, health, finance) towards defining and providing to the industry their sector-specific digital security, privacy and personal data protection common requirements. The topics below belonging to this Digital Security call are part of the contribution of the Commission to the Cybersecurity cPPP.