Neelie Kroes wants to force companies in the EU to disclose data breaches
EU digital chief Neelie Kroes is drafting a proposal that requires all companies that store data on the Internet to report loss or theft of personal information in the EU. Companies that don’t report data loss risk fines and sanctions.
According to the NYT:
The proposal, which is being drafted by Neelie Kroes, the European Union’s commissioner for the digital agenda, aims to impose, for the first time, E.U.-wide reporting requirements on companies that run large databases, those used for Internet searches, social networks, e-commerce or cloud services.
Not everybody is happy with the plan because the wording includes not only the traditional compilers of huge CRM databases (telco’s and utilities) but just about any cloud service.
The tech industry says it supports the idea, but it says the proposed regulation needs to make clear that breaches only need to be reported “when necessary and useful to consumers”:
“Harmonization of the notification requirements for security breaches is important and should be addressed,” said Thomas Boué, the government affairs director in Brussels for the Business Software Alliance, whose members include Microsoft, I.B.M., Apple, Oracle and Intel. “More precise guidelines in the directive on the trigger and threshold procedures would make the system more workable.”
Read more: NYT
Powered by Facebook Comments