Notes on ENISA, "Recommendations for a methodology of the assessment of severity of personal data breaches", Working Document, v1.0, December 2013.

  • Context (DPC, Data Processing Context): the content of the breached personal data plus the context in which it was processed
    Data Processing Context (DPC): Addresses the type of the breached data, together with a number of factors linked to the overall context of processing.
  • Identifiability (EI, Ease of Identification): how easily the breached personal data can be tied to the individuals it concerns
    Ease of Identification (EI): Determines how easily the identity of the individuals can be deduced from the data involved in the breach.
  • Circumstances of the breach (CB, Circumstances of breach): the type of breach (malicious action, loss, lack of security, etc.) plus its specific circumstances
    Circumstances of breach (CB): Addresses the specific circumstances of the breach, which are related to the type of the breach, including mainly the loss of security of the breached data, as well as any involved malicious intent.

1. Context (DPC)

Step 1: Definition and classification of the types of personal data

  • a) Types of personal data: Define the types of the personal data involved in the breach.
  • b) Classify the data into four categories (simple, behavioural, financial, sensitive)
    Classify the data in at least one of the four categories: simple, behavioural, financial, and sensitive data (these categories are explained in details in Annex 1). In this way a preliminary basic DPC score is obtained.


Step 2: Adjustment by contextual factors related to the data processing

  • c) Contextual factors: data volume, characteristics of the breached organization, characteristics of the individuals, inaccuracy of the data, prior public availability, nature of the data
    Assess the occurrence of certain factors that could increase or decrease the basic score (data volume, special characteristics of the controllers or the individuals, invalidity/inaccuracy of data, public availability (before the breach), nature of data).
  • d) Depending on whether the factors in c) raise or lower the risk, add to or subtract from the basic score
    In case such factors exist, accordingly increase/decrease the basic score. Assessment Table 1 provides the adjustment scales per category of data, together with example cases that could lead to lower/higher scores.
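The following is an added worked example of Steps 1 and 2 in Python; it is not code from ENISA or from the original memo. The memo does not give the numeric scale, so the values used here are assumptions: a basic score of 1, 2, 3 and 4 for simple, behavioural, financial and sensitive data, the highest category driving the score when several apply, one step up or down per contextual factor, and a final score clamped to the range 1 to 4. The factor names are likewise constructed labels for the factors listed in c).

```python
"""Worked example of the DPC scoring steps (added example, not ENISA's code).

Assumptions, none of which are stated in the memo:
  * basic score per category: simple=1, behavioural=2, financial=3, sensitive=4
  * when several categories apply, the highest basic score is taken
  * each contextual factor moves the score one step up or down
  * the adjusted DPC score is kept within 1..4
"""

# Step 1: assumed basic score for each of the four data categories.
BASIC_SCORE = {"simple": 1, "behavioural": 2, "financial": 3, "sensitive": 4}

# Step 2: the contextual factors named in the memo, with the direction
# assumed here (constructed labels, not ENISA's terminology).
INCREASING = {
    "data_volume",                 # large number of records
    "vulnerable_individuals",      # e.g. minors, patients
    "special_controller",          # controller whose identity adds context
    "nature_of_data_aggravating",  # data that reveals more than its category
}
DECREASING = {
    "invalid_or_inaccurate",       # data was wrong or outdated
    "publicly_available",          # already public before the breach
    "nature_of_data_mitigating",   # data that reveals less than its category
}


def basic_dpc(categories):
    """Step 1: classify the breached data; the highest category sets the score."""
    if not categories:
        raise ValueError("at least one data category is required")
    unknown = set(categories) - BASIC_SCORE.keys()
    if unknown:
        raise ValueError(f"unknown data categories: {sorted(unknown)}")
    return max(BASIC_SCORE[c] for c in categories)


def adjust_dpc(basic, factors):
    """Step 2: move the basic score one step per factor, clamped to 1..4."""
    score = basic
    for factor in factors:
        if factor in INCREASING:
            score += 1
        elif factor in DECREASING:
            score -= 1
        else:
            raise ValueError(f"unknown contextual factor: {factor}")
    return max(1, min(4, score))


def dpc_score(categories, factors=()):
    """Full DPC score: Step 1 classification followed by Step 2 adjustment."""
    return adjust_dpc(basic_dpc(categories), factors)


if __name__ == "__main__":
    # Constructed case: a customer list (simple data) that also holds
    # bank details (financial), covering many records.
    print(dpc_score(["simple", "financial"], ["data_volume"]))
```

Because the score is clamped, a breach of sensitive data stays at 4 regardless of how many aggravating factors apply, and mitigating factors cannot push any category below 1; adding further categories never lowers the basic score.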

2. Identifiability (EI)

3. Circumstances of the breach (CB)