Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on the day's biggest business stories
Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter
Sign up for Axios Pro Rata
Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Want a daily digest of the top Nashville news?
Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.
Want a daily digest of the top Columbus news?
Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.
Want a daily digest of the top Dallas news?
Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.
Want a daily digest of the top Austin news?
Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.
Want a daily digest of the top Atlanta news?
Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.
Want a daily digest of the top Philadelphia news?
Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.
Want a daily digest of the top Chicago news?
Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.
Sign up for Axios NW Arkansas
Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters
Want a daily digest of the top DC news?
Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.
The European Commission building in Brussels, Belgium. Dursun Aydemir/Anadolu Agency/Getty Images
European Union MP Marietje Schaake proposed creating an EU-wide rule describing when governments must disclose security flaws to manufacturers. Governments often use these security flaws for surveillance.
Why it matters: There is no way to guarantee that only well-meaning governments use a vulnerability that a nation intends to use for surveillance. In a blog post Thursday announcing her intent to seek an EU standard for disclosure, Schaake noted, "We live in an age where vulnerabilities are leaked or sold by criminals to those with potentially geopolitical motives, and where certain governments are stockpiling vulnerabilities as offensive weapons."
The U.S. has such a rule, the Vulnerability Equities Process. The VEP was flung into the spotlight in 2017 when a massive global cyberattack used a leaked code believed to be written by the NSA to become more virulent. The Obama administration developed the VEP but kept it secret. A number of critics, including many in the tech industry, questioned whether the VEP was adequately representing citizen's cybersecurity interests.
- The Trump administration quickly committed to increasing its transparency, and released a VEP charter in November that introduced an annual report to give a limited outline of VEP deliberations in the prior year.
- Schaake cited the U.S. charter in her blog post to encourage her peers. "Last year the White House released its Vulnerabilities Equities Process, which provides some increased transparency around this process in the US. It is high time for us to do the same in Europe," she wrote.