{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,15]],"date-time":"2025-11-15T17:10:23Z","timestamp":1763226623526,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,11,15]],"date-time":"2018-11-15T00:00:00Z","timestamp":1542240000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,11,15]]},"DOI":"10.1145\/3277570.3277580","type":"proceedings-article","created":{"date-parts":[[2018,10,25]],"date-time":"2018-10-25T12:14:38Z","timestamp":1540469678000},"page":"1-5","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["It's all fun and games, and some legalese"],"prefix":"10.1145","author":[{"given":"Danaja Fabcic","family":"Povse","sequence":"first","affiliation":[{"name":"Centre for IT & IP Law, KU Leuven, Leuven, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,11,15]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"International Journal of Scientific &amp","author":"Alharthi Kholoud K","year":"2016","unstructured":"Alharthi , Kholoud K . ( 2016 ). Employer Liability for Improper Computer and Internet Use by Employees , International Journal of Scientific &amp ; Engineering Research, Volume 7, Issue 4, April-2016, 27--32 Alharthi, Kholoud K. (2016). Employer Liability for Improper Computer and Internet Use by Employees, International Journal of Scientific & Engineering Research, Volume 7, Issue 4, April-2016, 27--32"},{"key":"e_1_3_2_1_2_1","volume-title":"WP259.01","author":"Working Party","year":"2017","unstructured":"Article 29 Working Party , Guidelines on consent under Regulation 2016\/679 , WP259.01 , 28 November 2017 \/10 April 2018 Article 29 Working Party, Guidelines on consent under Regulation 2016\/679, WP259.01, 28 November 2017\/10 April 2018"},{"key":"e_1_3_2_1_3_1","unstructured":"Article 29 Working Party Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is 'likely to result in a high risk' for the purposes of Regulation 2016\/679 WP 248  Article 29 Working Party Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is 'likely to result in a high risk' for the purposes of Regulation 2016\/679 WP 248"},{"key":"e_1_3_2_1_4_1","volume-title":"WP243","author":"Working Party","year":"2016","unstructured":"Article 29 Working Party , Guidelines on data protection officers (DPO) , WP243 , 13 December 2016 Article 29 Working Party, Guidelines on data protection officers (DPO), WP243, 13 December 2016"},{"key":"e_1_3_2_1_5_1","unstructured":"Article 29 Working Party Guidelines on transparency under Regulation 2016\/679 WP260  Article 29 Working Party Guidelines on transparency under Regulation 2016\/679 WP260"},{"key":"e_1_3_2_1_6_1","first-page":"2010","article-title":"on the concepts of \"controller\" and \"processor","volume":"169","author":"Working Party","year":"2010","unstructured":"Article 29 Working Party , Opinion 1\/ 2010 on the concepts of \"controller\" and \"processor \", WP 169 , 16 February 2010 Article 29 Working Party, Opinion 1\/2010 on the concepts of \"controller\" and \"processor\", WP 169, 16 February 2010","journal-title":"WP"},{"key":"e_1_3_2_1_7_1","unstructured":"Article 29 Working Party Opinion 2\/2017 on data processing at work WP249 8 June 2017  Article 29 Working Party Opinion 2\/2017 on data processing at work WP249 8 June 2017"},{"key":"e_1_3_2_1_8_1","unstructured":"Burgerlijk Wetboek unofficial translation available at http:\/\/www.dutchcivillaw.com\/  Burgerlijk Wetboek unofficial translation available at http:\/\/www.dutchcivillaw.com\/"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/2017470.2017477"},{"key":"e_1_3_2_1_10_1","first-page":"28","volume-title":"Les","author":"Chynoweth Paul","year":"2008","unstructured":"Chynoweth , Paul . \" Legal Research .\" In Advanced Research Methods in the Built Environment , edited by Knight, Andrew and Ruddock , Les , pp. 28 -- 38 . Chichester : Blackwell , 2008 Chynoweth, Paul. \"Legal Research.\" In Advanced Research Methods in the Built Environment, edited by Knight, Andrew and Ruddock, Les, pp. 28--38. Chichester: Blackwell, 2008"},{"key":"e_1_3_2_1_11_1","unstructured":"Code Civil available at http:\/\/www.droitbelge.be\/codes.asp  Code Civil available at http:\/\/www.droitbelge.be\/codes.asp"},{"key":"e_1_3_2_1_12_1","unstructured":"COMPACT - COmpetitive Methods to protect local Public Administration from Cyber security Threats available at https:\/\/www.compact-project.eu\/en  COMPACT - COmpetitive Methods to protect local Public Administration from Cyber security Threats available at https:\/\/www.compact-project.eu\/en"},{"key":"e_1_3_2_1_13_1","volume-title":"April 29","author":"COMPTIA","year":"2016","unstructured":"COMPTIA , International Trends in Cyber-Security , April 29 2016 , retrieved on 09\/06\/2018, available at https:\/\/www.comptia.org\/resources\/international-trends-in-cybersecurity COMPTIA, International Trends in Cyber-Security, April 29 2016, retrieved on 09\/06\/2018, available at https:\/\/www.comptia.org\/resources\/international-trends-in-cybersecurity"},{"key":"e_1_3_2_1_14_1","unstructured":"Court Order of Regional Court of Bonn of 30 May 2018 Docket no. 10 O 171\/18 unofficial translation available at https:\/\/www.icann.org\/en\/system\/files\/files\/litigation-icann-v-epag-request-court-order-prelim-injunction-redacted-30may18-en.pdf  Court Order of Regional Court of Bonn of 30 May 2018 Docket no. 10 O 171\/18 unofficial translation available at https:\/\/www.icann.org\/en\/system\/files\/files\/litigation-icann-v-epag-request-court-order-prelim-injunction-redacted-30may18-en.pdf"},{"key":"e_1_3_2_1_15_1","unstructured":"Cuijpers Collette (2007). ICT and employer-employee power dynamics: a comparative perspective of the United States' and Netherlands' workplace privacy in light of information and computer technology monitoring and positioning of employees. J. Marshall Journal of Information Technology & Privacy Law Vol. 25 Issue I 37--77  Cuijpers Collette (2007). ICT and employer-employee power dynamics: a comparative perspective of the United States' and Netherlands' workplace privacy in light of information and computer technology monitoring and positioning of employees. J. Marshall Journal of Information Technology & Privacy Law Vol. 25 Issue I 37--77"},{"key":"e_1_3_2_1_16_1","unstructured":"Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union  Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union"},{"key":"e_1_3_2_1_17_1","volume-title":"Brussels","author":"European Commission","year":"2017","unstructured":"European Commission ( 2017 ). Joint communication to the European Parliament and the Council: Resilience, Deterrence and Defence: Building strong cybersecurity for the EU , Brussels European Commission (2017). Joint communication to the European Parliament and the Council: Resilience, Deterrence and Defence: Building strong cybersecurity for the EU, Brussels"},{"key":"e_1_3_2_1_18_1","volume-title":"Assessing the necessity of measures that limit the fundamental right to the protection of personal data: a toolkit","author":"European Data Protection Supervisor","year":"2017","unstructured":"European Data Protection Supervisor ( 2017 ). Assessing the necessity of measures that limit the fundamental right to the protection of personal data: a toolkit European Data Protection Supervisor (2017). Assessing the necessity of measures that limit the fundamental right to the protection of personal data: a toolkit"},{"key":"e_1_3_2_1_19_1","volume-title":"Handbook on European non-discrimination law","author":"European Union Agency for fundamental rights","year":"2018","unstructured":"European Union Agency for fundamental rights ( 2018 ). Handbook on European non-discrimination law European Union Agency for fundamental rights (2018). Handbook on European non-discrimination law"},{"key":"e_1_3_2_1_20_1","volume-title":"Cyber Security Culture in organisations","author":"European Union Agency for Network and Information Security","year":"2018","unstructured":"European Union Agency for Network and Information Security ( 2018 ). Cyber Security Culture in organisations European Union Agency for Network and Information Security (2018). Cyber Security Culture in organisations"},{"volume-title":"ECHR 1999-II 75","author":"Iatridis v. Greece","key":"e_1_3_2_1_21_1","unstructured":"Iatridis v. Greece , 31107\/96, 25\/03\/1999 , ECHR 1999-II 75 Iatridis v. Greece, 31107\/96, 25\/03\/1999, ECHR 1999-II 75"},{"key":"e_1_3_2_1_22_1","volume-title":"Data Controller and Data Processor: what the difference is and what the governance implications are","author":"Information Commission","year":"2014","unstructured":"Information Commission er's Office ( 2014 ). Data Controller and Data Processor: what the difference is and what the governance implications are Information Commissioner's Office (2014). Data Controller and Data Processor: what the difference is and what the governance implications are"},{"key":"e_1_3_2_1_23_1","article-title":"Employer Liability for Employee Online Criminal Acts","volume":"51","author":"Nowak J.","year":"1999","unstructured":"Nowak , J. ( 1999 ). Employer Liability for Employee Online Criminal Acts , Federal Communications Law Journal : Vol. 51 (1999), Issue 2 Nowak, J. (1999). Employer Liability for Employee Online Criminal Acts, Federal Communications Law Journal: Vol. 51 (1999), Issue 2","journal-title":"Federal Communications Law Journal"},{"key":"e_1_3_2_1_24_1","unstructured":"Obligacijski zakonik available at http:\/\/pisrs.si\/Pis.web\/  Obligacijski zakonik available at http:\/\/pisrs.si\/Pis.web\/"},{"key":"e_1_3_2_1_25_1","volume-title":"January","author":"Ponemon Institute","year":"2012","unstructured":"Ponemon Institute , The Human Factor in Data Protection , January 2012 , retrieved on 09\/06\/2018, available at https:\/\/www.ponemon.org\/local\/upload\/file\/The_Human_Factor_in_data_Protection_WP_FINAL.pdf Ponemon Institute, The Human Factor in Data Protection, January 2012, retrieved on 09\/06\/2018, available at https:\/\/www.ponemon.org\/local\/upload\/file\/The_Human_Factor_in_data_Protection_WP_FINAL.pdf"},{"key":"e_1_3_2_1_26_1","unstructured":"Proposal for a Regulation European Parliament and of the Council on ENISA the \"EU Cybersecurity Agency\" and repealing Regulation (EU) 526\/2013 and on Information and Communication Technology cybersecurity certification (\"Cybersecurity Act\")  Proposal for a Regulation European Parliament and of the Council on ENISA the \"EU Cybersecurity Agency\" and repealing Regulation (EU) 526\/2013 and on Information and Communication Technology cybersecurity certification (\"Cybersecurity Act\")"},{"key":"e_1_3_2_1_27_1","unstructured":"Regulation (EU) No 526\/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460\/2004  Regulation (EU) No 526\/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460\/2004"},{"key":"e_1_3_2_1_28_1","unstructured":"Regulation (EU) 2015\/2219 of the European Parliament and of the Council of 25 November 2015 on the European Union Agency for Law Enforcement Training (CEPOL) and replacing and repealing Council Decision 2005\/681\/JHA  Regulation (EU) 2015\/2219 of the European Parliament and of the Council of 25 November 2015 on the European Union Agency for Law Enforcement Training (CEPOL) and replacing and repealing Council Decision 2005\/681\/JHA"},{"key":"e_1_3_2_1_29_1","unstructured":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation)  Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation)"},{"key":"e_1_3_2_1_30_1","unstructured":"Regulation (EU) 2016\/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009\/371\/JHA 2009\/934\/JHA 2009\/935\/JHA 2009\/936\/JHA and 2009\/968\/JHA  Regulation (EU) 2016\/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009\/371\/JHA 2009\/934\/JHA 2009\/935\/JHA 2009\/936\/JHA and 2009\/968\/JHA"}],"event":{"name":"CECC 2018: Central European Cybersecurity Conference 2018","sponsor":["University of Maribor"],"location":"Ljubljana Slovenia","acronym":"CECC 2018"},"container-title":["Proceedings of the Central European Cybersecurity Conference 2018"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3277570.3277580","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3277570.3277580","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:39:38Z","timestamp":1750210778000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3277570.3277580"}},"subtitle":["data protection implications for increasing cyber-skills of employees through games"],"short-title":[],"issued":{"date-parts":[[2018,11,15]]},"references-count":30,"alternative-id":["10.1145\/3277570.3277580","10.1145\/3277570"],"URL":"https:\/\/doi.org\/10.1145\/3277570.3277580","relation":{},"subject":[],"published":{"date-parts":[[2018,11,15]]},"assertion":[{"value":"2018-11-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}