EU countries have far to go to protect the e-economy, the Europea...

now, the agency said. Governments must take threats more seriously and invest more in network and information security and in cross-border cooperation, Executive Director Andrea Pirotti said. He urged the EU to require companies to report Internet security breaches. The U.S. reporting requirement is an example but has “flaws that the EU has to do better,” an agency spokesman told us later. EU nations can’t have varying systems as American states do, he said. A common approach is needed on when confidentiality rules apply, to whom reports are submitted and what they should contain, the spokesman said. Businesses must help set up the system, to ensure fairness, he said. Pirotti stressed to reporters Tuesday the security risks of Internet social networking sites, subject of an October report. The agency this year began a three-year program to strengthen public electronic communications networks, he said. It’s also supporting creation of computer emergency response teams in more countries, he said. Threats include fraud in virtual worlds, ENISA said. This year it plans to issue several papers, including one on interoperable electronic identification, it said. The agency’s charter expires in 2009 but probably will be extended two or three years, the agency spokesman said. The European Commission has proposed combining it with a new body, the European Electronic Communications Market Authority. But the idea hasn’t won over EU lawmakers, who see the merger as hard to understand and a hobble on ENISA. EC President Manuel Barroso has said no new agencies will be created until existing entities’ efficiency is evaluated and, if necessary, streamlined, the spokesman said. And the EC and European Parliament change next year, he said. The agency will learn its fate in June, the spokesman said.