The European Network and Information Security Agency (ENISA) is an EU agency created as a response tosecurity issues of the European Union. The Agency's mission is essential to achieving a high and effectivelevel of network and information security within the European Union. Together with the EU-institutions andthe Member States, ENISA seeks to develop a culture of network and information security for the benefitof citizens, consumers, business and public sector organisations in the European Union. ENISA is a centre ofcompetence for the European Member States and European institutions in network and informationsecurity, giving advice and recommendations and acting as a switchboard of information for good practices.Moreover, the agency facilitates contacts between European institutions, the Member States and industryplayers.
For enquiries about this study, please use the following contact details:European Network and Information Security AgencyTechnical Competence DepartmentEmail:email@example.comInternet:http://www.enisa.europa.eu/act/it/eidSupervisor of the study: Sławomir Górniak – ENISAAuthors: Andreas Rockelmann, Joshua Budd, Michael Vorisek – IDC CEMAENISA staff involved in the project: Demosthenes Ikonomou, Rodica Tirtea
Notice must be taken that this publication represents the views and interpretations of the authors andeditors, unless stated otherwise. This publication should not be construed to be an action of ENISA or theENISA bodies, unless adopted pursuant to the ENISA Regulation (EC) No 460/2004. This publication does notnecessarily represent state-of the-art and it might be updated from time to time.Third-party sources are quoted as appropriate. ENISA is not responsible for the content of the externalsources, including external websites referenced in this publication.This publication is intended for educational and information purposes only. Neither ENISA, nor any personacting on its behalf, is responsible for the use that might be made of the information contained in thispublication.Reproduction is authorised provided the source is acknowledged.
We particularly wish to thank the following organisations for their support during the compilation of thisstudy:
European Commission, DG INFSO B.1, Electronic Communications Policy – Policy Development
European Commission, DG JUSTICE C.3, Fundamental Rights and Union Citizenship – Data Protection
The members of the Article 29 Working Party
European Data Protection Supervisor