Dear colleagues, I've been asked to encourage you to respond to a short survey by ENISA, which will take approximately 15 minutes of your time. The European Electronic Communications Code (EECC) contains some provisions regarding outreach to costumers and consumers regarding potential cybersecurity threats security incidents and what they can or need to do. Or in the text of the EECC itself (Art, 40, par. 3): “Member States shall ensure that in the case of a particular and significant threat of a security incident in public electronic communications networks or publicly available electronic communications services, providers of such networks or services shall inform their users potentially affected by such a threat of any possible protective measures or remedies which can be taken by the users. Where appropriate, providers shall also inform their users of the threat itself.” Amongst its goals, the survey aims to identify: • Effective solutions and good practices of the cybersecurity consumer outreach by electronic communication providers. • Methods of authorities for supporting the development of customer outreach on cybersecurity. If you have any examples to share, please participate in the survey. Although this survey is organised by ENISA, it is not uncommon for the results of these surveys to form the basis for legislative proposals by the Commission. In that context it is always useful to provide input about industry practices and position in these early stages and be able to inform policy makers about the things that work and the things where change might be needed. The survey can be found at https://ec.europa.eu/eusurvey/runner/ElectronicCommunicationsProvidersConsum... It will close on 20 May 2021, so unfortunately not much time to develop a common position. I would recommend you contribute to this survey on an individual basis. Best, Marco Hogewoning Manager Public Policy and Internet Governance RIPE NCC