EC launches public consultation on data breach rules
The European Commission (EC) has today launched a public consultation on the rules on how and where telecoms operators and ISPs should report data breaches. In May this year, the EC released an ePrivacy Directive that would force ISPs to make breaches public. This consultation will provide the industry with the opportunity to voice its opinion on the directive. Neelie Kroes, commission vice-president for the Digital Agenda, said: "The duty to make data breaches public is an important part of the new EU telecoms rules.
"But we need consistency across the EU: businesses shouldn't have to deal with a range of different national schemes. I want to provide a level playing field, with certainty for consumers and practical solutions for businesses." In addition to industry bodies, the EC expects to hear from consumer groups, member states, national data protection authorities and even citizens themselves. It has asked for input into how organisations intend to comply with the new directive. This includes a specification of what type of data breaches is seen as relevant. The EC also wants opinions on how long an organisation should reasonably take to notify the necessary parties once a breach has occured, and what information that notification message should contain.
The consultation will close on 9 September 2011. After this date, the EC will consult the European Network and Information Security Agency (ENISA), the Article 29 Data Protection Working Party and the European Data Protection Supervisor (EDPS) if it wishes to act on any of the suggestions it receives.
MTCHT
ICT
TECHNOLOGICAL INNOVATIONS
POST
ABOUT US
NEWS
INTERESTING
INTERVIEW
ANALYSIS
ONLAIN LESSONS