This paper highlights key directives and legislation within the European Union that have an impact on IT security practitioners, IT managers and others with responsibility for IT systems.
Legislation is vast and constantly changing. This paper is not designed to be an exhaustive review of every law and directive applicable across the EU and is not to be construed as legal advice. Where appropriate national legislation has been highlighted as it applies to the larger members of the EU.
By reading this paper, IT security practitioners, IT managers and others will gain an awareness of legal factors that affect them today. It is strongly advised that any organisation requiring further explanations or details of appropriate legislation consult qualified legal practitioners.