Report shows the legal and regulatory challenges of cross-border information exchange
ENISA has published a study on the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental Computer Emergency Response Teams (CERTs) in Europe. According to the report, there is a delicate balance between investigating, managing and mitigating computer incidents and respecting the rights and obligations provided for by certain legal and regulatory frameworks, including data protection and privacy provisions.
The European Network and Information Security Agency, ENISA, has published a study which analyses the effects that legal and regulatory aspects have on cross-border information sharing and collaboration between Computer Emergency Response Teams (CERTs) in Europe.
According to the study, there is a delicate balance between investigating, managing and mitigating computer incidents and respecting the rights and obligations provided for by certain legal and regulatory frameworks, including data protection and privacy provisions. One of the findings of the study is that, in practice, data protection, data retention, and obligations to work with law enforcement are the greatest challenges for cross-border CERT co-operation. Another report, published in 2010, had already underlined that further action in this area is required, especially regarding the establishment of an efficient network of Computer Emergency Response Teams (CERTs) by 2012.
ENISA therefore recommends clarifying the differences between national legal frameworks; adopting EU legislation that takes account of the scope of national/governmental CERTs; specifying a threshold for incidents requiring national/governmental CERT response and information sharing; explaining why CERTs need to process personal data, for relevant authorities to establish clarity about the circumstances under which this data may be shared across borders; and including information on the legal basis for information requests.