ENISA
https://www.enisa.europa.eu
Data breach notifications in the EU
https://www.enisa.europa.eu/publications/dbn
The introduction of a European data breach notification requirement for the electronic communication sector introduced in the review of the ePrivacy Directive (2002/58/EC) is an important development with a potential to increase the level of data security in Europe and foster reassurance amongst citizens on how their personal data is being secured and protected by electronic communication sector operators. Against this background, ENISA reviewed the current situation in order to develop a consistent set of guidelines addressing the technical implementation measures and the procedures, as described by Article 4 of the reviewed Directive 2002/58/EC.No publisherPrivacyIdentity & TrustGood Practice2011/01/13 17:15:00 GMT+2Report/StudyOn the security, privacy and usability of online seals
https://www.enisa.europa.eu/publications/on-the-security-privacy-and-usability-of-online-seals
This report analyses the conditions under which online security and privacy seals (OSPS) can be deployed to support users to make an informed trust decision about Web services and their providers with respect to the provided security and privacy. This report is motivated by the numerous policy documents, that mention marks, seals, logos, icons, (collectively referred as OSPS) as a mean enabling users to judge on the trustworthiness of services offered on the Web.No publisherIdentity & Trust2014/01/15 00:00:00 GMT+2Report/StudyPrivacy, Accountability and Trust – Challenges and Opportunities
https://www.enisa.europa.eu/publications/pat-study
In the study, we focus on some of the available technologies and research results addressing privacy and data protection and topics related to, or influencing privacy, such as consent, accountability, trust, tracking and profiling. The objective is to provide a comprehensive and realistic view of both limitations generated and possibilities provided by technologies in the case of personal data protection rights.No publisherIdentity & TrustPrivacy2011/03/08 16:30:00 GMT+2Report/StudyPrivacy considerations of online behavioural tracking
https://www.enisa.europa.eu/publications/privacy-considerations-of-online-behavioural-tracking
Internet users are being increasingly tracked and profiled and their personal data are extensively used as currency in exchange for services. It is important that this new reality is better understood by all stakeholders if we are to be able to support and respect the right for privacy.No publisherIdentity & TrustPrivacy2012/11/14 17:40:00 GMT+2Report/StudyReport on Annual Privacy Forum 2012
https://www.enisa.europa.eu/publications/report-on-annual-privacy-forum-2012
The first Annual Privacy Forum1 (APF’12) was held in Limassol, Cyprus from 10–11 October 2012. The Forum was co-organised by the European Network and Information Security Agency (ENISA)2 and the European Commission Directorate General for Communications Networks, Content and Technology (DG CONNECT),3 with the support of the Department of Computer Science of the University of Cyprus. APF’12 was endorsed as an official event of the Cyprus Presidency of the Council of the European Union.No publisherEuropean Union InstitutionsPrivacyIdentity & Trust2012/12/12 15:00:00 GMT+2Report/StudySurvey of accountability, trust, consent, tracking, security and privacy mechanisms in online environments
https://www.enisa.europa.eu/publications/survey-pat
The study, using a survey, attempts to evaluate which are currently the mechanisms deployed in available online services for accountability, consent, trust, security and privacy. While the finding of this survey cannot be easily extrapolated to all online services, some trends are prominent and it is safe to assume that these are valid for most organisations that operate online. Besides these trends, we mention here the lack of a single coherent view on how to best achieve user privacy in online environments. An increase in awareness of privacy and security concepts within organisations and industry sectors appears to be desirable, in order to maintain a high level of security and confidence on the part of users and society in the ICT infrastructure and services provided within the EU. A major area of concern was how the EU would create and maintain a ‘level regulatory playing field’, especially with non-EU based multinationals entering the EU market without proper (privacy) compliance and rapidly establishing a significant user base. No publisherIdentity & TrustPrivacy2011/01/31 15:45:00 GMT+2Report/StudyThe right to be forgotten - between expectations and practice
https://www.enisa.europa.eu/publications/the-right-to-be-forgotten
The right to be forgotten is included in the proposed regulation on data protection published by the European Commission in January 2012. The regulation is still to be adopted by the European Parliament for entering into force. The different legal aspects of the right to be forgotten (i.e. right to erasure or right to oblivion) have been debated in different contexts and are beyond the scope of this paper. With this paper we aim to cover other facets of the right to be forgotten. We focus on the technical means to enforce or support the right in information systems; as can be seen from this paper, there are technical limitations and there is a further need for clear definitions and legal clarifications.No publisherIdentity & TrustPrivacy2012/11/20 00:05:00 GMT+2Report/StudyFlying 2.0 - Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology
https://www.enisa.europa.eu/publications/flying-2.0-enabling-automated-air-travel-by-identifying-and-addressing-the-challenges-of-iot-rfid-technology
No publisherRisk ManagementPrivacyIdentity & TrustInternet of things2010/04/12 09:30:00 GMT+2Report/StudyFlying 2.0 - Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology: Annex I
https://www.enisa.europa.eu/publications/flying-2.0-enabling-automated-air-travel-by-identifying-and-addressing-the-challenges-of-iot-rfid-technology-annex-i
This is Annex I - " Scenario Building & Analysis" of the Final Report "Flying 2.0 - Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology".No publisherRisk ManagementIdentity & TrustPrivacy2010/04/12 09:30:00 GMT+2Report/StudyFlying 2.0 - Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology: Annex II
https://www.enisa.europa.eu/publications/flying-2.0-enabling-automated-air-travel-by-identifying-and-addressing-the-challenges-of-iot-rfid-technology-1
This is Annex II - "Risk Assessment Spreadsheet" of the Final Report "Flying 2.0 - Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology".No publisherRisk ManagementIdentity & TrustPrivacy2010/04/12 09:30:00 GMT+2Report/StudyTo log or not to log? - Risks and benefits of emerging life-logging applications
https://www.enisa.europa.eu/publications/to-log-or-not-to-log-risks-and-benefits-of-emerging-life-logging-applications
No publisherEuropean Union InstitutionsRisk ManagementNetwork and Information Security AwarenessIdentity & TrustPrivacy2011/11/10 22:00:00 GMT+2Report/Study