You are currently browsing EDRi's old website. Our new website is available at https://edri.org

EDRI-gram

If you wish to help EDRI promote digital rights, please consider making a private donation.


Flattr this

logo

EDRi booklets

Social networking sites might be regulated in EU

4 June, 2008
» 
|

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

On 27 May 2008, the European Network and Information Security Agency (ENISA) called for new legislation that would regulate social networking sites. ENISA, which was created in 2004 to oversee online security measures in the 27 EU countries, issued a preliminary report of its General Report in which it pointed out that social networking sites such as Facebook and MySpace need more regulation to protect their users against security risks. "Social networking sites are very useful social tools but we must make recommendations for how to better protect people from the risks these sites create," said Andreas Pirotti, executive director of ENISA and author of the report. He suggested the EU legislation should be expanded in order to "cover the taking of photos of people and posting them on the internet".

In Pirotti's opinion, network security is under a permanent threat from spammers or criminals. "Internet security is extremely important, considering how much business takes place online now. We don't want infrastructures to be disrupted, we don't want a digital 9/11 to happen," he said. He also considers crucial to "raise awareness about how social networking sites work. Few people realize that they can be offered up as friends to people they don't know. Also, many people don't realize that it's almost impossible to erase material once it has appeared on the internet".

Some of the threats related to social networking identified by ENISA are related to face recognition, digital dossiers, reputation damage, social engineering attacks on enterprises, phishing attacks, ID theft and others. The report of the organisation includes 19 recommendations to social networks on ways to improve their security practices.

Among other things, ENISA calls for a regulatory review of social networking frameworks, an increased transparency of data handling practices, more education for users on security, and the discouragement or even banning of social networking in schools.

A study conducted by enterprise IT management company CA and the National Cyber Security Alliance in 2006 found out that the majority of users of social networking sites were not very aware of the security issues involved. 83 percent of them admitted having downloaded unknown files from unknown users and 74 percent said that they were easily providing the personal data online. Also, a Symantec report issued in 2007 showed that social networking sites offer easy pickings for phishers. The security practices of the respective sites make it easier to invade and to spread attacks to more people.

Top EU security agency calls for policing of social network (27.05.2008)
http://www.infoworld.com/article/08/05/27/EU-security-agency-wants-soc...

EU may regulate social networking sites over security issues (27.08.2008)
http://arstechnica.com/news.ars/post/20080527-eu-may-regulate-social-n...

ENISA General Report 2007 - adopted, non designed version
http://www.enisa.europa.eu/doc/pdf/publications/AGR_full_disclaim.pdf

‹ Hungarian Data Retention Law - challenged at the Constitutional CourtupCzech Parliament - close in implementing data retention directive ›
Printer-friendly version
 
Site by Floatleft.

Syndicate:

Syndicate contentCreative Commons License

With financial support from the EU's Fundamental Rights and Citizenship Programme.
eu logo