This study examines the legal and policy frameworks that govern and regulate the use of information and communications technology (ICT) by European Union (EU) institutions and agencies. Specifically, it maps and reviews these frameworks in terms of the extent to which they account for information security and data privacy. The study pursues a two-fold research approach. First, it offers a lar…