Dutch IT companies rebel against security breach notification law

Nederland ICT, the Netherlands’ trade association that represents Dutch IT companies with over 250,000 staff between them, is not amused by a Dutch government plan to force tech firms to report security breaches.

Overlap

This summer, Ivo Opstelten, the Dutch justice and security minister, issued a draft of the statutory reporting of security breaches bill. Nederland ICT dismissed the proposed legislation as redundant, since Dutch companies are already obliged to report breaches to a myriad of organisations — including the country’s data protection and telecoms authorities, among others — leaving firms with a considerable administrative and legal burden.

Nederland ICT says that, if passed, the act would cause a significant amount of extra admin for Dutch companies: “A telecoms operator, for instance, that suffers an incident where systems are compromised, potentially affecting personal data and the continuity of services, is obliged to report it to no less than four different bodies,” the association said.

SOURCE: zdnet.com

Information Security Buzz