Home » D3.7 EU White Paper around legal compliance and policy statements including recommendations

D3.7 EU White Paper around legal compliance and policy statements including recommendations

The work in this deliverable is related to Objective 3 of cyberwatching.eu, which is to “play a supporting role in the policy, regulatory standards & legal discussions that contribute to shaping up the global cybersecurity & privacy landscape.” This document is the White paper around legal compliance & policy statements including recommendations (M51), which is the final version of a preliminary version D3.4 (M26) relating to the Task 3.4 on Legal Compliance in cybersecurity & privacy.

It combines the legislation, the best practices available, the guidelines or opinions of the European Data Protection Supervisor (“EDPS”), the European Data Protection Board (“EDPB”, former Article 29 Working Party), the High Level Expert Group of Artificial Intelligence (“HLEG AI”), as well as of competent Supervisory Authorities (“SAs”) of EU Member States, and the practical considerations of European Projects (“EU Projects”), and Small and Medium Enterprises (“SMEs”) participating at the various stakeholders’ events throughout the duration of the Cyberwatching.eu project.

The document offers a robust package of recommendations facing both the policy makers and the Supervisory Authorities, to address stakeholders’ needs. Clear explanations of the fundamental obligations included in the EU Regulation 2016/679, known as “General Data Protection Regulation” or “GDPR”, can best be provided by the experts that practice and apply the GDPR on a day-to-day basis, making the cyberwatching.eu partners the most appropriate resource of creating this impact. The ultimate aim of merging the legal knowledge and practical observation of reality was to develop online tools that are meant to complement one another, resulting in self-assessment tools that provide handy self-explanatory legal and practical recommendations for all stakeholders, including SMEs.


On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.