Dear users, a new Joinup release will be deployed on Thursday 09/02/2023 between 13:00 and 13:30 CET. Within this time window, the site might experience outages. Please adjust your use of the platform accordingly during this time frame.

EU: A flair for sharing - encouraging information exchange between CERTs

Published on: 16/12/2011
Last update: 02/01/2012

Description (short summary):
Computer Emergency Response Teams (CERTs) are crucial in cross border co-ordination of computer incidents and in order to perform their important role they need to exchange information. Cross border information exchange requires complex legal factors to be considered. CERTs in different countries have differing legal grounds to request from and transmit information to other teams. Furthermore, the information exchanged might be personal data and therefore subject to specific privacy provisions. In addition, CERTs, including national/governmental CERTs, have varying mandates. 

This study focuses on the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental CERTs in Europe and performs an assessment of what effects these aspects have on cross-border information sharing between CERTs.  

The conclusion is that there exists a delicate balance of investigating, managing and mitigating computer incidents, whilst respecting rights and obligations provided by certain legal and regulatory frameworks, including data protection, data retention and privacy provisions. 

Number of pages: 86

Description of license: © European Network and Information Security Agency (ENISA), 2011

Nature of documentation: Official reports and studies


Type of document