The exchange of confidential information with public administrations and state law enforcement agencies via encrypted channels is based on European and national legislation on data protection, information security and cooperation with authorities. In particular, Regulation (EU) 2016/679 (GDPR) establishes in Article 32 the obligation to implement appropriate technical and organisational measures, such as encryption, to ensure the security of personal data. Furthermore, Directive (EU) 2016/680 regulates the processing of personal data by competent authorities for the purposes of preventing and investigating criminal offences.
At national level, the processing and communication of data with public administrations are governed not only by Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights, by Law 40/2015 on the Legal Regime of the Public Sector, which establishes the general framework for action and electronic relations between public administrations and citizens, including the principles of cooperation, interoperability and security in the exchange of information. In this context, the adoption of appropriate technical measures to ensure data protection and the security of communications is required, in line with the provisions of the National Security Framework.
The purpose of this document is to establish the procedure for ensuring the secure transmission of confidential information to public administrations, law enforcement agencies or other official bodies using compression encryption or PGP, thereby guaranteeing confidentiality, integrity, authenticity and non-repudiation.
Email for enquiries: authorities@gigas.com
EN | Eur
