Search results

249 items matching your search terms.
Filter the results.
Item type

























































New items since



Sort by relevance · date (newest first) · alphabetically
Security for Privacy on Data Protection Day
On 28th January, ENISA joins 47 countries of the Council of Europe and the EU institutions, agencies and bodies, to celebrate the 11th annual European Data Protection Day.
Located in News / ENISA News
Security Issues in Cross-border e-Authentication
The Agency has launched a new report on Security Issues in Cross-border Electronic Authentication. Improving the interoperability of electronic identification and authentication systems is a European task and a task for all Member States. ENISA analysed the current situation and assessed the security risks of electronic authentication in cross-border solutions. To visualize these risks, two different projects offering cross-border authentication have been examined and evaluated, Netcards/EHIC and Stork.
Located in News / ENISA News
File ECMAScript program Security of personal data processing event (October 8 2018) notes
Located in Events / Personal Data Security Event
File Security Privacy and Dataprotection
Presentation by Dr Udo Helmbrecht, Spain 24 May 2010 on Security a key element of Privacy and Dataprotection
Located in Press & Media / News Items
File SHA1
Located in Publications / PETs controls matrix
Report/Study Smartphones: Information security risks, opportunities and recommendations for users
The objective of this report is to allow an informed assessment of the information security and privacy risks of using smartphones. Most importantly, we make practical recommendations on how to address these risks. We assess and rank the most important information security risks and opportunities for smartphone users and give prioritised recommendations on how to address them. The report analyses 10 information security risks for smartphone users and 7 information security opportunities. It makes 20 recommendations to address the risks.
Located in Publications
Report/Study ECMAScript program Status of privacy and NIS course curricula in EU Member States
User Education is key in cyber security. Our work for this report follows up on previous efforts and suggested recommendations from 2014 and 2013. The first objective of this report is to identify gaps between available training courses, certifications and NIS education needs with particular emphasis on ePrivacy. The second objective is to suggest further actions based on the analysed needs of NIS communities in Europe
Located in Publications
Report/Study Study on cryptographic protocols
Cryptographic algorithms, when used in networks, are used within a cryptographic protocol. Even if the cryptographic primitives and schemes (discussed in the “Algorithms, key size and parameters” report of 2014, see link below) are deemed secure, their use within a protocol can result in a vulnerability which exposes the supposedly secured data. The report focuses on the current status in cryptographic protocols and encourages further research. A quick overview is presented on protocols which are used in relatively restricted application areas such as wireless, mobile communications or banking (Bluetooth, WPA/WEP, UMTS/LTE, ZigBee, EMV) and specific environments focusing on Cloud computing. The main emphasis of the report is on guidelines to researchers and organisations in the field. The key problem with protocols today is that many result from cryptographic design many years (even decades) ago. Thus cryptographic protocols suffer more from legacy issues than the underlying cryptographic components. The goal should be to work towards a better cryptographic protocol infrastructure which does not exhibit such problems. Thus we provide in this report guidelines to organisations which are developing new protocols.
Located in Publications
Report/Study Study on data collection and storage in the EU
Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an analysis of the relevant legal framework of European Member States on the principles of minimal disclosure and the minimum duration of the storage of personal data. The study is not intended to go too deep into the details of the legal complexities of the data protection legislation. It rather focuses on a limited number of relevant use cases and tries to find out how the aforementioned principles are expressed in concrete legal or regulatory provisions applicable to these cases, and how they are observed in practice.
Located in Publications
Report/Study Study on monetising privacy. An economic model for pricing personal information
Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services? This study analyses the monetisation of privacy. ‘Monetizing privacy’ refers to a consumer’s decision of disclosure or non-disclosure of personal data in relation to a purchase transaction. The main goal of this report is to enable a better understanding of the interaction of personalisation, privacy concerns and competition between online service providers. Consumers benefit from personalisation of products on the one hand, but might be locked in to services on the other. Moreover, personalisation also bears a privacy risk, i.e. that data may be compromised once disclosed to a service provider. Privacy is a human right; thinking about the economics of privacy does not change this basic fact. The authors of this report consider an economic analysis of privacy as complementary to the legal analysis as it improves our understanding of human decision-making with respect to personal data.
Located in Publications

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information