Welcome to our website. If you continue to browse and use this website, you are agreeing to comply with and be bound by the following terms and conditions of use, which together with the European data protection rules, regulates our relationship with you in relation to this website. If you disagree with any part of these terms and conditions, please do not use our website.

The term ‘CT MORSE’ refers to the the EU Counter-Terrorism Monitoring, Reporting and Support Mechanism project implemented by the Royal United Services Institute for Defence Studies (RUSI) and produced with the assistance of the European Union.

The use of this website is subject to the following terms of use:

– The content of the pages of this website is for your general information and use only. It is subject to change without notice.

– Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose.

– Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any information available through this website meet your specific requirements.

– This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.

– All trade marks reproduced in this website which are not the property of, or licensed to, the operator are acknowledged on the website.

– Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.

– From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).

– Your use of this website and any dispute arising out of such use of the website is subject to the laws of European Union.


All information on and distributed via this site is the copyright of the Royal United Services Institute for Defence Studies (RUSI).

Whilst every care is taken to ensure the accuracy of the information contained on this site, no liability can be accepted by RUSI, its directors or employees, for any loss occasioned to any person or entity acting or failing to act as a result of anything contained in or omitted from the content of this web site.

Reproduction in whole or in part of any content on or distributed via this site is permitted only with the written permission of RUSI.

This website has been produced with the assistance of the European Union. The contents of this website are the sole responsibility of RUSI and can in no way be taken to reflect the views of the European Union.


This Web site is designed to be accessible to visitors with disabilities, and to comply with EU guidelines concerning accessibility. We welcome your comments. If you have suggestions on how to make the site more accessible, please contact us at ctmorse@rusi.org


This privacy policy sets out how the EU Counter-Terrorism Monitoring, Reporting and Support Mechanism (CT MORSE) uses and protects any information that you give “CT MORSE” when you use this website.

“CT MORSE” is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

“CT MORSE” may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 03 June 2019.


We will collect your basic personal data from the contact form in order to answer you properly as soon as possible we will keep it in order to contact you in the future. If you want to remove from our register your data, you just have to contact us. No external partner of this website will collect any personal data.


It is not possible to leave comments on the website. Comments can be submitted exclusively through the “Contact us” page.


Visitors to the website can download and extract any location data from images on the website.


If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.


Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.


We use Google Analytics to trace number of visitors, and the origin from them, not any other personal data will be provided and/or used by us.


We will not share any personal data with anyone.


For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.


You can contact us about your privacy to this email: ctmorse@rusi.org


The policy is designed to aid compliance with the General Data Protection Regulation or GDPR, and takes account of the Article 29 Data Protection Working Party’s guidance on personal data breach notifications.

As the Working Party state in that guidance, “controllers and processors are […] encouraged to plan in advance and put in place processes to be able to detect and properly contain a breach, to assess the risk to individuals, and then to determine whether it is necessary to notify the competent supervisory authority, and to communicate the breach to the individuals concerned when necessary”.

A formal personal data breach notification procedures is recommended by the Working Party: “To aid compliance with Articles 33 and 34, it would be advantageous to both controllers and processors to have a documented notification procedure in place, setting out the process to follow once a breach has been detected, including how to contain, manage and recover the incident, as well as assessing risk, and notifying the breach”.

“Personal data breach” under the GDPR covers more than just the unauthorised disclosure of personal information. The phrase is defined as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed by the company”.

The policy covers three different types of notification: (i) notifications by a data controller to a supervisory authority, such as the Information Commissioner’s Office in the EU; (ii) notifications by a data processor to the data controller whose data is the subject of the breach; and (iii) notifications by a data controller to data subjects, i.e. human beings. Three schedules to the policy contain notification forms, one for each type of notification.

Whilst the policy does cover incident detection and response in summary form, it is primarily concerned with notification, and larger organisations at least should combine this document with more detailed policies covering detection and response. Moreover, the policy focuses upon personal data breaches, not information security incidents generally.

The policy is not designed for use in relation to any non-GDPR data breach notification rules and – if any other such rules apply to the relevant business – the policy would need to be adapted accordingly before use.


You can contact us about your privacy to this email: ctmorse@rusi.org