EU may mandate data breach notification (OT)

[Al Mac <macwheel99 () sigecom net>]

Like the laws of many US states, there are apparent holes in the protection 
proposed.  It may only cover breaches at equivalent of ISPs and phone 
companies.

The EC proposes that all providers of "electronic communications networks 
or services" be forced to notify customers and regulators of any breaches 
of security that would result in their personal data being made available 
to others.

The current EU Directive only instructs network providers to notify 
customers of security risks. It does not cover security breaches.


http://www.theregister.co.uk/2006/09/13/europe_data_breach_law/


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 146 million compromised records in 366 incidents over 6 years.