BreachExchange mailing list archives
Europe Weighs Requiring Firms to Disclose Data Breaches
From: Richard Forno <rforno () infowarrior org>
Date: Thu, 17 Jan 2013 09:56:09 -0500
Europe Weighs Requiring Firms to Disclose Data Breaches By KEVIN J. O’BRIEN BERLIN — To combat a rise in cybercrime, the European Commission is considering a plan to require companies that store data on the Internet — like Microsoft, Apple, Google and I.B.M. — to report the loss or theft of personal information in the 27-nation bloc or risk sanctions and fines. The proposal, which is being drafted by Neelie Kroes, the European Union’s commissioner for the digital agenda, aims to impose, for the first time, E.U.-wide reporting requirements on companies that run large databases, those used for Internet searches, social networks, e-commerce or cloud services. The proposed directive would supplant a patchwork of national laws in Europe that have made reporting mandatory in Germany and Spain, but voluntary in Britain and Italy. While European lawmakers are trying to limit cybercrime, the plan by Mrs. Kroes has generated controversy because it would extend the obligation to report data breaches beyond traditional compilers of customer databases — telephone, transport and utility companies. The technology industry supports the idea of a more systematic approach to the flagging of security breaches, but says the proposal needs more specific guidelines to ensure that notifications are required only when necessary and useful to consumers. < - > http://www.nytimes.com/2013/01/17/technology/17iht-data17.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Europe Weighs Requiring Firms to Disclose Data Breaches Richard Forno (Jan 17)