Key online companies could be forced to report cyber attacks to European Union authorities, as one of many measures unveiled by the bloc's executive Thursday to protect the internet and online users.
The European Commission's cyber security strategy seeks to make the internet a safer place to do business, in order to protect users and encourage growth in the digital sector - considered important to the recovery of Europe's crisis-battered economy.
But online companies have bristled at the idea of publishing all data relating to cyber attacks, fearing that it could give them a negative reputation.
The affected companies would include online providers of services such as banking, energy, transport and health; internet companies such as search engines Google, social networking site Facebook and cloud computing services; as well as public administrations.
"The more people rely on the internet, the more people rely on it to be secure," said EU Digital Agenda Commissioner Neelie Kroes.
Kroes is spearheading the strategy together with EU Home Affairs Commissioner Cecilia Malmstrom and EU foreign policy chief Catherine Ashton.
"Fundamental rights, democracy and the rule of law need to be protected in cyberspace," Ashton said.
The commission wants to protect against incidents ranging from phishing scams, data hacking and identity theft to outages that can affect millions after natural disasters such as storms.
The Information Security Forum - a consortium of companies with a large online presence including IBM, Nokia, Proctor Gamble and National Australia Bank - welcomed the opportunity to harmonize measures across the EU, while criticizing the forced reporting of cyber attacks.
"The publication of a security incident can have significant influence on the reputation or value of a company - in the extreme case, publication has more severe consequences than the actual incident," ISF vice president Steve Durbin said of a similar German proposal.
The proposal, once approved by member states and the European Parliament, would also force countries to adopt a strategy for IT security and dedicate money and manpower to respond to threats.
It also calls for an early warning mechanism among EU member states.
A new EU cybercrime agency, unveiled in the Netherlands last month to help crack down on web-based offences, would help share data and experiences from different member states, Malmstrom said.
Cyber security concerns influenced the online behavior of 38 percent of internet users in Europe last year, according to an EU survey, making them less likely to shop online or use internet banking among other things.
However, only 26 percent of the bloc's enterprises had a formally defined IT strategy encompassing cyber security measures, according to EU statistics.
There are an estimated 150,000 computer viruses in circulation, according to the commission. It quoted World Economic Forum estimates that a single major IT breakdown could cause 250 billion dollars of damage.