The European Commission on Thursday opened an infringement procedure against Malta for failure to comply with the EU Cybercrime Directive.
The commission said the directive is essential in the fight against cybercrime, requiring member states to strengthen national cybercrime laws and introduce tougher criminal sanctions, including for large-scale cyber-attacks.
Member states are also obliged to designate points of contact, available 24 hours a day, seven days a week, to ensure improved cooperation between national authorities.
The commission said that Hungary, Latvia and Malta had incorrectly transposed the measures set out in the directive, in particular on certain offences, penalty levels and jurisdiction.
Two months to respond
Malta now has two months to respond or the commission may decide to escalate the action to a reasoned opinion.
The commission sees attacks against information systems, in particular those linked to organised crime, as being a growing menace.
It is increasingly concerned about the potential for terrorist or politically motivated attacks against information systems which form part of critical infrastructure.
Member states were meant to transpose the directive into their domestic laws by September 2015.
Malta also received a letter of formal notice because it did not correctly transpose EU rules on the fight against fraud on the Union’s financial interests. Estonia, Hungary and The Netherlands also landed in hot water over this issue.