72 Pages Posted: 30 Apr 2015 Last revised: 24 Aug 2015
Date Written: April 30, 2015
This report (the “Report”) considers certain legal requirements relating to data security in the EU, and specifically the use of multi-factor authentication as a method of meeting the security obligations established by European Directive 95/46 EC on the processing of personal data (the “Directive”). Following this Executive Summary, the Report comprises two sections: a discussion of the requirements of data security under European data protection legislation, and a study of selected national positions.
Keywords: data security, cyber security, authentication, two-factor, multi-factor, Data Protection, data privacy, General Data Protection Regulation
Suggested Citation: Suggested Citation
Kennedy, Elizabeth J and Millard, Christopher, Data Security and Multi-Factor Authentication: Analysis of Requirements Under EU Law and in Selected EU Member States (April 30, 2015). Queen Mary School of Law Legal Studies Research Paper No. 194/2015. Available at SSRN: https://ssrn.com/abstract=2600795