Information security and law in Europe: Risks checked?

Abstract: Information security has emerged as a necessity for organisations in order to ensure the integrity, confidentiality and availability of information. Information security, however, has also shifted to the foreground of regulation in the European Union (EU) to address potential risks associated with the widespread use of information technology. Information security can be used to safeguard against risks or, additionally, to help users meet specific requirements under pertinent legislation. The establishment of a dedicated European agency on information security (ENISA) also highlights the political significance of information security and the need to strive for greater cooperation across EU Member States as well as internationally. While the EU legal framework on information security is by no means complete, the efforts that have been made to tackle the pertinent issues are likely to make a significant impact in the EU and beyond.
