23 Jan 2012
The European Union (EU) is planning to release new proposals that would give firms 24 hours to formally disclose data breaches, according to widespread reports.
"Companies that suffer a data leak must inform the data protection authorities and the individuals concerned, and they must do so without undue delay," said vice president of the European Commission Viviane Reding at last week's DLD conference, according to Bloomberg.
Corporate giant Sony was criticised for the length of time it took to notify its customers that more than 100 million accounts had been compromised when its servers were hacked in early 2011.
The new rules, if adopted, would ensure that firms have clear guidance on what is expected of them if they are hacked.
The proposals will also aim to homogenise data protection rules across the EU, making it easier for international businesses to understand their obligations.
Reding said this will save businesses £1.9bn per year by reducing administrative costs.
In her speech, Reding also stated that the EU will amend its policies around online advertising and social networking.
Stricter rules around cookies will be imposed, and powers will be conferred on national data protection authorities to impose fines on organisations that fail to comply.
Reding said the legislation will require organisations to obtain "specific and explicit" consent from internet users to store information, and to delete data unless there is a "legitimate and legally justified interest" in keeping it.
The EU is expected to formally announce its proposals on Wednesday, 26 January 2012.
So Viviane Reding thinks that imposing an administrative burden will save costs? What planet was she speaking from?
Whilst I have every sympathy for forced disclosure of data leaks - it's a damn good idea - a 24-hour limit on disclosure simply won't work. Imagine an employee leaves a disk in a taxi - how long before they work out that's what happened? How long after that before they admit it, or, if it's a copy, do they try and cover it up? If so, who's guilty?
Posted by: Tom Sweeney 23 Jan 2012