New EU rules on personal data breach notification for telecoms and ISPs came into force recently (on 25 August 2013). European Commission Regulation (EU) 611/2013 of 24 June 2013 on the measures applicable to the notification or personal data breaches under the ePrivacy Directive (2002/58/EC) aims to ensure that telecoms operators, internet service providers and other public electronic communications service providers notify personal data security breaches consistently across the EU.
The revised ePrivacy Directive (2009/136/EC) requires telcos and ISPs to keep personal data secure and confidential and to notify relevant national data protection authorities of any breach where the affected individuals’ personal data or privacy are likely to be adversely impacted, in particular where the data is stolen, lost or accessed by unauthorised persons. The Notification Regulation requires service providers to notify the relevant national DPAs within 24 hours of detection of the breach. In addition, affected individuals must be notified without undue delay and provided with detailed information about the data breach.
SOURCE: mondaq.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…