CEPIS strongly defends the principle that new ICT technologies should guarantee the privacy of its potential users prior to their introduction.
Code of Best Practices for Green ICT, 2015
CEPIS is committed to mobilising the ICT community through its member informatics societies to promote Green ICT and the use of ICT to help organisations and individuals work in more sustainable and energy efficient ways that reduce impacts on the environment. CEPIS and national European informatics societies are now, as part of this on-going commitment, proposing a Code of Best Practices for Green ICT. The Code seeks to raise awareness and adoption of easy-to-implement and cost-saving best practices amongst all European enterprises.
Position on the Electronic identification and trust services (eIDAS), 2015
The next generation of eIDs could bring strong and efficient data protection to European citizens. In the electronic identification and trust services environment for electronic transactions, the realization of identification and authentication using an eID should prevent tracking of users.
Statement on Supporting High-level Decision Making on Cyber Security and Privacy Protection with Reliable Data, 2014
There is no doubt that both privacy protection and cyber security (i.e. addressing the problem of security of cyberspace on a national or international level) have achieved some recognition from governments and international bodies. Subsequently, the need for various high-level decisions highlights the importance of proper fundamentals for such decision making.
Computing in Schools - A Call for Action from Informatics Societies, 2014
As ICT increasingly pervades society and the economy, the demand for IT personnel is growing fast, outpacing the current supply of qualified professionals and producing chronic shortages in the computing industry. The low numbers of students choosing computing as a career is exacerbating the situation. This paper argues that children’s digital education should be reformed to better integrate Computer Science in the school curricula. The paper describes the issues arising from the lack of computing in schools, and it outlines practical steps to develop Computer Science in the classroom.
Assisting EU Citizens with Reliable ICT Security Information, 2013
European citizens are used to sharing their information on the web, be it personal or professional, on a daily basis. However they are often unaware of the security risks that come with sharing data online. This is particularly problematic given the rise of ICT security breaches and large-scale data collection, as reported in the media. In this context, this CEPIS LSI SIN statement calls on policy-makers – at the European and national level - to take action to ensure that all citizens have access to trustworthy information regarding ICT threats. The paper outlines 8 key recommendations to help equip citizens with reliable ICT information.
CEPIS Statement on the Future EU Data Protection Regulation, 2013
In this statement CEPIS expresses its support to the Data Protection in Europe statement and it highlights a series of issues to take into a consideration with regard to the draft EU General Protection Regulation proposed by the European Commission to replace the current Data Protection Directive adopted in 1995. For instance, pseudonymisation, anonymisation and encryption should not be misunderstood as a replacement for data protection by regulation or as reason to lower the level of data protection regulation Europe.
CEPIS Women in ICT Position Statement, 2013
The CEPIS Women in ICT Task Force has identified five priorities to get more young girls and women into ICT and to help close the digital jobs gap. The declining supply of ICT graduates coupled with the growing demand of digital jobs is a serious threat for the ICT profession, the sector and Europe’s employment and growth potential. The priorities identified by the Task Force include the creation of a European Girls in ICT Day, the promotion of strong female ICT role models to inspire young girls, and a greater integration of ICT in the classroom and in the curriculum.
Cloud Computing Security and Privacy Statement, 2011
This statement explores the security and privacy implications associated with Cloud Computing. It examines areas such as the loss of control over data and dependence on the Cloud Computing provider and outlines the related issues. CEPIS provides 15 recommendations on measures that should be taken to deal with the risks and privacy invasion factors of Cloud Computing.
This statement has also been translated into Greek by the CEPIS Member Society, Hellenic Professionals Informatics Society (HePIS), and translated into Spanish by Asociación de Técnicos de Informática (ATI).
Letter of support on data protection in the framework of police and judicial cooperation in criminal matters to the European Data Protection Supervisor Peter Hustinx, 2009
With full credit to the outstanding work of the European Data Protection Supervisor, CEPIS would like to support the encouragement of the EDPS for the EU institutions to take part in the reflections on further improvements of the framework for data protection in law enforcement. CEPIS supports the concerns expressed with regard to the general data protection framework for police and judicial cooperation and urges the Council of the European Union to take further steps to increase the level of protection provided by the new legal instrument.
The statement was originally provided by CEPIS LSI SIN
Privacy-Consistent Banking Acquisition Statement, 2009
This statement outlines the practice that has developed within some banks in Europe to acquire more information than necessary about their clients. This practice presents a serious threat to the protection of the privacy of European citizens, in particular with respect to the principle of proportionality of data. The statement includes recommendations to address this situation and brings both the acquisition and access to data in line with European privacy regulations.
Social Networks - Problems of Security and Data Privacy Statement, 2008
This paper, together with its associated background paper, explores the Security and Privacy issues with Social Networking sites from both a business and personal perspective. At a time when the use or misuse of personal data is said to be of great concern to the citizen, this same citizen may voluntarily place his information on social network sites and see no contradiction. The extent to which this information may be mined for other purposes is unclear. In a corporate environment the use of social software as a part of the business process brings security issues that require a new security model. Some recommendations are made for the way forward.
Position Paper on Universities, 2008
This paper discusses the challenges that Universities offering informatics degrees face in today’s rapidly changing world. The paper focuses on the collaboration between universities and the industry contending that it can be mutually beneficial and help Europe to create a dynamic and competitive knowledge economy. Furthermore, the paper examines the role that the EU and other stakeholders can take in facilitating university-industry relations. CEPIS, being the representative of the ICT professionals in Europe, can work with the Universities, Industry and the European Commission to ensure that education institutions can satisfy the needs of the knowledge base economy.
Position paper on data retention, 2008
The statement on data retention, endorsed by the CEPIS Legal and Security Informatics SIN, discusses new issues that have arisen since the adoption of the data retention Directive. The major concerns include the period of time for which data can be retained, the security of stored data, mutual cooperation between service providers and the authorities and the reimbursement of costs. Moreover, the paper makes recommendations on the definitions of “serious crime”, retained data, the problem of communicating content information, a shorter retention period, secure storage and transfer of data and reimbursement of costs.
Authentication approaches for on-line banking, 2007
The statement, endorsed by CEPIS, discusses authentication and security issues of on-line banking. The popularity and wide use of on-line banking can lead to abuses, activities by malicious and criminal users and a rise in organised criminal attempts (e.g. phishing). The statement surveys contemporary authentication approaches used by European banks and points out that complex and error prone security measures do not provide any security improvement, but rather discourage or prevent users easily entering the electronic market place. The recommendations are targeted at different partiesm, i.e. banks and other financial institutions and organizations, governments and regulators, professionals and customers. For each group specific recommendations are suggested.
Data Retention has Serious Consequences, 2004
The original data retention statement from 2004 discusses protection of privacy of citizens, major problems in the technical and financial realization of data retention of such a vast scope. The recommendations include the reduction of the retention time and the amount of the retained data. Additionally, the costs for the necessary data retention facilities should be put into public hands by law.
In the statement, published in 1999, e-commerce is considered as a desirable development given appropriate governmental and societal regulation and discipline. Specifically, the development of appropriate standards and generally accepted codes of good practice and codes of conduct are recommended. Associated with these should be the institution of competent complaint boards and other forms of assistance.
Crypto Statement, 1996
The statement on the control of encryption was issued in 1996. It discusses whether the import, export and production of cryptographic tools, as well as their use, should be restricted. Recommendations were proposed regarding the unrestricted use of cryptography for certain purposes, the ability of all individuals and organisations in the private and public sectors to use cryptography, not reducing the opportunities for individuals or organizations in the private and public sectors, and on an agreement of governments on a policy relating to their access to computerized data.