D7.2 Legal Requirements

This deliverable focuses on legal requirements related to the treatment and sharing of data. It builds upon the work completed in D7.1 ‘Analysis of the applicable legal framework’ and provides a detailed assessment of the applicable legal requirements to the ECOSSIAN project. It also highlights guidelines for the application of a privacy compliant solution and lists these and the requirements in table form. Chapter 2 outlines the general data protection requirements derived from the research reported in D7.1 ‘Analysis of the applicable legal framework’, outlines the application of the principle of privacy by design, examines the relevant security and critical infrastructure protection requirements and indicates the potential impact of national law. The derived general legal requirements are then presented in a table. Chapter 3 focuses on the impact of these requirements on ECOSSIAN. Chapter 4 lists the resulting applicable guidelines for the implementation of the legal requirements. In essence the deliverable provides insights in the form of general requirements and guidelines for the implementation of the privacy by design principle in the context of threat detection and analysis and information sharing. Reference should be made to the specific tables provided in the deliverable. These should form the basis for the implementation of a privacy compliant ECOSSIAN solution but will also be further built upon in D7.3 ‘Information sharing policies in disaster situations - Version 1’