The Internet makes it possible to access huge amounts of information stored in tens of thousands of different locations. It provides great opportunities for businesses and users, but also poses serious risks, as some of this data is extremely sensitive. This is true for a variety of services ranging from confidential medical and financial records, including personably identifiable data and less sensitive data including search history, phone calls and location-specific data which in isolation or in aggregate may be more valuable or sensitive.

With growing popularity of online services such as social networks, search engines, e-commerce platforms and cloud computing, secure and trustworthy digital environment is more important today than it has ever been. Companies offering services on the Internet should take all necessary steps to ensure that sensitive data is stored and transferred securely. This is particularly important for companies who have made it their business to offer and facilitate access to information stored on the “world wide web”.

ICOMP closely monitors the regulatory developments in the field of online security and welcomes recently published EU’s strategy for An Open, Safe and Secure Cyberspace along with proposed directive on network and information security (NIS). This proposal requires that a wide range of businesses – including e-commerce platforms, internet payment gateways, social networks, search engines, cloud computing services and app stores will have to ensure that the networks and information systems under their control – meet minimum security standards, to be laid down by the EU.

ICOMP believes that regulatory measures in the field of online security should strike the right balance between the objective of facilitating access and the need to ensure security of sensitive data. By ensuring open and safe Internet for European businesses and citizens, they should contribute to economic growth, competition in the online marketplace and innovation.



  1. Data minimisation: only those data should be collected that are necessary for the service requested; this principle applies both to data expressly requested from the user and for all other data collected by the provider of the service.
  2. Proportionality: the “value” of the data to the person whose data are being collected should not exceed the advantage that he or she gains by using the service or “app”. This principle applies in addition to the principle of data minimisation.
  3. Proactive not Reactive: Privacy invasive events must be prevented and anticipated before they happen.
  4. Privacy by Default: No action should be required on the part of the individual to protect their privacy — it should be built into the system, by default.
  5. Privacy Embedded into Design: Privacy should be embedded into the design and architecture of IT systems and business practices, not bolted on as an add-on.
  6. Full Functionality: All legitimate interests and objectives should be accommodated in a positive-sum “win-win” manner.
  7. End-to-End Security – Lifecycle Protection: Ensures a secure lifecycle management of information, end-to-end.
  8. Visibility and Transparency: The privacy component parts and operations should remain visible and transparent to users and providers alike.
  9. Respect for User Privacy: Keep the interests of the individual uppermost by offering strong privacy defaults, such as appropriate notice and opt-out options, and empowering user-friendly options.


Jump to:
Security in the News ICOMP Blogs on Security Relevant White Papers

Security in the News

FBI warns technology companies of China-affiliated hackers The Daily Telegraph, October 20th, 2014
Russia outlines plans to beef up internet security The Financial Times, October 1st, 2014
Law Firms Are Pressed on Security for Data The New York Times, March 26th, 2014
The principle of privacy is worth fighting for The Guardian, March 18th, 2014
Cyber-security: White hats to the rescue The Economist, February 22nd, 2014
Half of UK consumers concerned about mobile security The Daily Telegraph, February 20th, 2014
GPS pioneer warns on network’s security The Financial Times, February 13th, 2014

ICOMP Blogs on Security

Against the Goliaths of the online marketplace the law must stand behind David, says Reding March 20th, 2013 by ICOMP Secretariat Yesterday the European Commission’s Vice President Viviane Reding addressed the EU Consumer Summit on the issue of enforcement. Ms Reding ... read more
Caught again! March 12th, 2013 by ICOMP Secretariat Another day, another Google privacy breach. This time no less than 30 US states have taken aim at Google for surreptitiously collecting ... read more
CNIL Continues Investigation – UPDATE February 28th, 2013 by ICOMP Secretariat On 16th February 2013, France’s National Commission for Computing and Civil Liberties, (CNIL) announced that in response to Google’s Privacy ... read more

Relevant White Papers

UK flagUK flag Imperatives for a healthy, secure and competitive InternetOctober 6th, 2009