ABSTRACT
This chapter outlines the legal implication of information sharing in the context of network and information security. It gives an overview of the different horizontal legislation that is potentially applicable to information sharing in relation to Network and Information Systems (NIS). The chapter focuses on mapping the European Union (EU) cybersecurity legal framework; information sharing: breaches, threats and best practices; and legal certainty, information sharing, and potential legal barriers to data transfer. It also outlines the classification of certain information as classified by public authorities and the economic interests associated with keeping information hidden. The chapter explores the role of data protection and thus the individual fundamental right to the protection of personal data. It also focuses on the breach notification and the limitations of reactive sharing. The chapter examines some of the broader socioeconomic obstacles to sharing including examples of some indirect legal obstacles.
