Recommendations on shaping technology according to GDPR provisions - An overview on data pseudonymisation
The scope of this report is to explore the concept of pseudonymisation alongside different pseusonymisation techniques and their possible implementation. The report is part of ENISA's work in the area of privacy and data protection, which focuses on…
Recommendations on shaping technology according to GDPR provisions - Exploring the notion of data protection by default
This report aims to shed some light on what the data-protection-by-default principle means in information technology design, what is the situation today, as well as how the new GDPR obligation could support controllers in selecting data-protection-…
Reinforcing trust and security in the area of electronic communications and online services
This study provides an overview of well-established security practices, for the purpose of sketching the notion of “state-of-the-art” in a number of categories of measures, as they are listed in ENISA’s guidelines for SMEs on the security of…
Towards global acceptance of eIDAS audits
The goal of the study is to explore the eIDAS Conformity Assessment Report (CAR), the corresponding audit requirements, gaps arising from comparison with competing audit schemes, and the emergent issues at the core of the global conversation between…
Assessment of Standards related to eIDAS
In this report, ENISA presents aspects of QSCD certification and QTSP supervision to identify the way to combine respective elements therein, in line with the eIDAS requirements. In this context, this report seeks to support standards CEN EN 419 241…
A tool on Privacy Enhancing Technologies (PETs) knowledge management and maturity assessment
This report accompanies the second release of the PETs assessment tool and provides a brief overview of its main functionalities, as well as its challenges and proposed dissemination activities for further enhancement and adoption.
Privacy and data protection in mobile applications
The scope of the report is to provide a meta-study on privacy and data protection in mobile apps by analysing the features of the app development environment that impact privacy and security, as well as defining relevant best-practices, open issues…
Handbook on Security of Personal Data Processing
The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…
Online Tracking and User Protection Mechanisms
ENISA decided to provide a study on online tracking and relevant user protection mechanisms, paying particular attention to user consent, privacy settings and the implementation of the Do-Not-Track (DNT) standard.
eIDAS: Overview on the implementation and uptake of Trust Services
In the context of the eIDAS Regulation, ENISA conducted a study to present an overview of the implementation and uptake of Trust Services defined in the eIDAS Regulation one year after adoption to the new regime, and analyse the new opportunities…