Handbook of Legal Procedures of Computer and Network Misuse in EU Countries
ResearchPublished Mar 24, 2006
ResearchPublished Mar 24, 2006
In 2003 the European Commission supported RAND Europe in the development of a Handbook that provided an easy-to-use guide matching technical descriptions of incidents to the legal framework of the country in question and details procedures for working with law enforcement to respond to incidents. This handbook was tailored to the user requirements of Europe's Computer Emergency Response Team (CERT) and Computer Security Incident Response Team (CSIRT) community. RAND Europe and Lawfort, a Belgian law firm, compiled the 2005 edition of the CSIRT Legal Handbook. This edition represents a significant update, taking into account recent developments in national legal frameworks and extending its scope to cover the 10 new EU member states that joined in 2004. The project to update the Handbook revisited the incident taxonomy, reviewed and analysed standard enquiries and reporting needs, surveyed national legal frameworks and relevant industrial initiatives. The 2005 CSIRT Legal Handbook is globally unique in the field of information security as it provides access to a comprehensive and up-to-date collection of information on rules, regulations and laws concerning computer misuse. In addition, it also details collection and reporting of computer evidence currently in force in all 25 EU countries, together with guidelines as to when and how law enforcement must be informed of incidents.
The research described in this report was prepared for the European Commission and was conducted by RAND Europe.
This publication is part of the RAND technical report series. RAND technical reports, products of RAND from 2003 to 2011, presented research findings on a topic limited in scope or intended for a narrow audience; discussions of the methodology employed in research; literature reviews, survey instruments, modeling exercises, guidelines for practitioners and research professionals, and supporting documentation; and preliminary findings. All RAND technical reports were subject to rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.