Thu. Mar 28th, 2024

Content Assessment: Protecting Data? Engineering Personal Data Sharing (ENISA)

Information - 94%
Insight - 95%
Relevance - 96%
Objectivity - 93%
Authority - 95%

95%

Excellent

A short percentage-based assessment of the qualitative benefit of the announcement and report from ENISA on how cybersecurity technologies and techniques can support the implementation of the GDPR principles when sharing personal data.

Editor’s Note: ENISA, the European Union Agency for Cybersecurity, was established in 2004 to promote a high level of cybersecurity across Europe. The EU Cybersecurity Act has strengthened its role, and it works towards enhancing the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, contributing to EU cyber policy, cooperating with Member States and EU bodies, and preparing Europe for future cybersecurity challenges. Through knowledge sharing, capacity building and awareness raising, ENISA collaborates with key stakeholders to build trust in the connected economy, boost the Union’s infrastructure resilience, and maintain digital security for Europe’s society and citizens. The new report, Engineering Personal Data Sharing, aims to investigate specific use cases related to personal data sharing, primarily in the health sector, and how the implementation of specific technologies can support meeting data protection requirements. This new report may benefit cybersecurity, information governance, and legal discovery professionals operating in the eDiscovery ecosystem as they consider data protection through the lens of personal data sharing.


Press Announcement Extract And Report*

Engineering Personal Data Sharing

The European Union Agency for Cybersecurity (ENISA) explores how technologies can support personal data sharing in practice.

Because data today is at the heart of our lives and central to our economy, data has been coined as the new currency. No transactions or activity can be performed online nowadays without the exchange and sharing of data. Organisations share information with partners, analytic platforms, public or other private organisations and the ecosystem of shareholders is increasing exponentially. Although we do see data being taken from devices or from organisations to be shared with external parties in order to facilitate business transactions, securing and protecting data should remain a top priority and adequate solutions implemented to this end.

The objective of the report is to show how the data protection principles inscribed in the GDPR can be applied in practice by using technological solutions relying on advanced cryptographic techniques. The report also includes an analysis of how data is dealt with when the sharing is part of another process or service. This is the case when data need to go through a secondary channel or entity before reaching the final recipient.

The report focuses on the various challenges and possible architectural solutions on intervention aspects. An example of these is the right to erasure and the right to rectification when sharing data. Targeting policy makers and data protection practitioners, the report provides an overview of the different takes on how to approach personal data sharing in an effective way.

Background

The EU Agency for Cybersecurity has been working in the area of privacy and data protection since 2014, by analysing technical solutions for the implementation of the GDPR, privacy by design and security of personal data processing.

The work in this area falls under the provisions of the Cybersecurity Act (CSA) and is meant to support Member States on specific cybersecurity aspects of Union policy and law in relation to data protection and privacy. This work builds upon the Agency’s activities in the area of Data Protection Engineering and is produced in collaboration with the ENISA Ad Hoc Working Group on Data Protection Engineering.

The Agency has been providing guidance on data pseudonymisation solutions to data controllers and processors since 2018.

Further information

Other information

About ENISA

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004 and strengthened by the EU Cybersecurity Act, ENISA contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building and awareness raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure.

Read the original announcement.


Complete Report: Engineering Personal Data Sharing (PDF) – Mouseover to Scroll

Engineering Personal Data Sharing Data Sharing - ENISA

Read the original paper.

*Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.


Additional Reading

Source: ComplexDiscovery

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.