EU: Telcos' data breach notification amendment is passed

[security curmudgeon <jericho () attrition org>]

http://www.out-law.com/page-10497

Telcos' data breach notification amendment is passed

OUT-LAW News, 03/11/2009

The European Council has approved a data breach notification rule for 
Europe's telecoms firms. The amendment to an EU Directive will force 
telcos to tell customers if they lose their data.

The European Parliament and Commission have already approved the 
amendments, which will become law after it has been published in the EU's 
Official Journal and signed by the President of the Council and President 
of the European Parliament.

The amendments, though, do not extend data breach notification duties to 
non-telecoms firms, despite the Parliament's earlier demands that it 
include providers of 'information society services' such as online banks 
or health services providers.

"The Council adopted a directive amending legislation in force on 
universal service, ePrivacy and consumer protection," said a Council 
statement on its meeting last week. "The directive adapts the regulatory 
framework by strengthening and improving consumer protection and user 
rights in the electronic communications sector, facilitating access to and 
use of ecommunications for disabled users and enhancing the protection of 
individuals privacy and personal data."

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php