Study on monetising privacy. An economic model for pricing personal information
Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services?
This study analyses the monetisation of privacy. ‘Monetizing…
Recommendations on shaping technology according to GDPR provisions - An overview on data pseudonymisation
The scope of this report is to explore the concept of pseudonymisation alongside different pseusonymisation techniques and their possible implementation. The report is part of ENISA's work in the area of privacy and data protection, which focuses on…
Deploying Pseudonymisation Techniques
Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and…
Study on data collection and storage in the EU
Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…
Flash Note: Password security-a joint effort between end-users and service providers
Just halfway through 2012, data leaks have already exposed millions of users’ sensitive personal data including password information. ENISA is reminding service providers to follow best practices to better protect sensitive data.
Algorithms, key size and parameters report 2014
The “Algorithms, key size and parameters” report of 2014 is a reference document providing a set of guidelines to decision makers, in particular specialists designing and implementing cryptographic solutions for personal data protection within…
Algorithms, Key Sizes and Parameters Report - 2013
This document collates a series of recommendations for algorithms, keysizes, and parameter recommendations. It addresses the need for a minimum level of requirements for cryptography across European Union (EU) Member States (MSs) in their effort to…
Reinforcing trust and security in the area of electronic communications and online services
This study provides an overview of well-established security practices, for the purpose of sketching the notion of “state-of-the-art” in a number of categories of measures, as they are listed in ENISA’s guidelines for SMEs on the security of…
Privacy considerations of online behavioural tracking
Internet users are being increasingly tracked and profiled and their personal data are extensively used as currency in exchange for services. It is important that this new reality is better understood by all stakeholders if we are to be able to…
Security framework for Trust Service Providers - Technical guidelines on trust services
Article 19, which is the main focus of this document, of the eIDAS Regulation, states that Trust Service Providers have to demonstrate due diligence, in relation to the identification of risks and adoption of appropriate security practices, and…