Search

ENISA decided to provide a study on online tracking and relevant user protection mechanisms, paying particular attention to user consent, privacy settings and the implementation of the Do-Not-Track (DNT) standard.

The present report aims at detailing the outcomes of the project that aimed to promote the ENISA’s PETs repository (and underlying PETs maturity assessment methodology) by 1) Engaging the privacy community into its use, and 2) Providing a plan for…

The Technical Guideline on Security Measures for Article 4 and Article 13a gives guidance to national competent authorities about the supervision of security measures in Article 13a of the Framework Directive (2009/140/EC) and Article 4 of the e-…

ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…

ENISA after having analysed the present state of play of governmental Cloud deployment in 2013 report, presents a guide on the steps public administration has to take to deploy cloud computing. This report gives guidance on the process from pre-…

Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…

Citizen data protection in focus - ENISA on privacy in national eID cards: Europe needs a strategy The EU Agency ENISA [the European Network and Information Security Agency] today launched its Position Paper on security features in European eID…

There are two pieces of EU legislation which explicitly mention security measures in the telecom sector: Article 4 of the e-Privacy directive asks providers to take security measures to protect security of personal data processing. Article 13a of…

ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…

In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified…