-
Engineering Personal Data Protection in EU Data Spaces
Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding...
Published on January 26, 2024 -
Engineering Personal Data Sharing
This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data...
Published on January 27, 2023 -
Deploying Pseudonymisation Techniques
Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and...
Published on March 24, 2022 -
Data Protection Engineering
Data Protection Engineering can be perceived as part of data protection by Design and by Default. It aims to support the selection, deployment and configuration of appropriate technical and organizational measures in order to satisfy specific data...
Published on January 27, 2022 -
Data Pseudonymisation: Advanced Techniques and Use Cases
This report, building on the basic pseudonymisation techniques, examines advanced solutions for more complex scenarios that can be based on asymmetric encryption, ring signatures and group pseudonyms, chaining mode, pseudonyms based on multiple...
Published on January 28, 2021 -
Pseudonymisation techniques and best practices
This report explores further the basic notions of pseudonymisation, as well as technical solutions that can support implementation in practice. Starting from a number of pseudonymisation scenarios, the report defines first the main actors that can...
Published on December 03, 2019 -
Stock taking of security requirements set by different legal frameworks on OES and DSPs
In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified...
Published on November 15, 2019 -
Towards a framework for policy development in cybersecurity - Security and privacy considerations in autonomous agents
One of the key aspects in autonomous systems is the data collected, mainly for supporting the demanding functionality in a qualitative and timely manner. The current study highlights a number of relevant security and privacy considerations, such as...
Published on March 14, 2019 -
Handbook on Security of Personal Data Processing
The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases...
Published on January 29, 2018 -
Annual Privacy Forum 2017
ENISA's Annual Privacy Forum 2017 encouraged dialogue with panel discussions and provided room for exchange of ideas in between scientific sessions. The two-day conference was well attended by more than 100 participants in addition to more than 70...
Published on January 09, 2018 -
QWACs Plugin
Proof of concept browser plugin to support the two-step verification of qualified certificates for web-site authentication
Published on January 08, 2018 -
Recommendations on European Data Protection Certification
The objective of this report is to identify and analyse challenges and opportunities of data protection certification mechanisms, including seals and marks, as introduced by the GDPR, focusing also on existing initiatives and voluntary schemes.
Published on November 27, 2017 -
Recommendations on aligning research programme with policy
The scope of this report is to review existing analysis reports on EU funded Trust and Security Projects, summarize achievements that have significantly promoted specific pillars of NIS, identify and summarize specific outcomes that can promote and...
Published on May 08, 2017 -
Annual Privacy Forum 2016
In light of the data protection regulation and the European digital agenda, DG CONNECT, EDPS, ENISA and, Goethe University Frankfurt organized APF 2016. APF 2016 was held 7 & 8 September at Goethe University Frankfurt am Main, Germany.
Published on March 09, 2017 -
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the...
Published on January 27, 2017 -
Report on Annual Privacy Forum 2012
The first Annual Privacy Forum1 (APF’12) was held in Limassol, Cyprus from 10–11 October 2012. The Forum was co-organised by the European Network and Information Security Agency (ENISA)2 and the European Commission Directorate General for...
Published on December 12, 2012
Browse the Topics