Several sector-specific studies on EU data protection and cybersecurity frameworks can be found in the literature, but their differing legal domains have hindered the development of a common analysis of the different sets of provisions from a business perspective. This article sets out to bridge this gap, providing a systematic review and a cross-cutting operational analysis of the main legal instruments that constitute the common European approach to personal data and cybersecurity regulation for the business sector. We aim to demonstrate the existence of a core of common principles and procedural approaches referring to specific cybersecurity and data security technologies. Analysis reveals a coordinated regulatory model based on five pillars: risk-based approach, by-design approach, reporting obligations, resilience and certification schemes. We also highlight the relationship between the main directives and regulations.
The common EU approach to personal data and cybersecurity regulation / Mantelero, Alessandro; Vaciago, Giuseppe; Esposito, Maria Samantha; Monte, Nicole. - In: INTERNATIONAL JOURNAL OF LAW AND INFORMATION TECHNOLOGY. - ISSN 0967-0769. - STAMPA. - 28:4(2020), pp. 297-328. [10.1093/ijlit/eaaa021]
The common EU approach to personal data and cybersecurity regulation
Mantelero, Alessandro;Esposito, Maria Samantha;Monte, Nicole
2020
| File | Size | Format |
|---|---|---|
| eaaa021_pub version.pdf (open access); Description: Versione_pubblicata_OA; Type: 2a Post-print publisher's version / Version of Record; License: Creative Commons | 288.32 kB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/2892253