Towards a New Personal Data Breach Notification Framework in the EU

The European Commission published recently a Proposal for a Regulation on personal data protection. If adopted, it would repeal the 1995 Data Protection Directive. The Proposal includes a new data security framework: both the data controller and the data processor would have to implement appropriate technical and organizational measures in order to ensure that data is secure; a personal data breach would have to be reported within 24 hours to the supervisory authority, and also, without undue delay, to the data subject if the breach would adversely affect his personal data or privacy. We comment some of the pending issues.

Rate this:

Advertisements

European Data Protection Supervisor Supports General Obligation to Report Security Breaches

"Sunlight" (Photo by Luc De Leeuw; shot on Feb. 3, 2008). Available at http://www.flickr.com/photos/9619972@N08/2422737815/ (Creative Commons "Attribution-NonCommercial-ShareAlike 2.0 Generic (CC BY-NC-SA 2.0)" license.)

The European Data Protection Supervisor has recently issued an opinion on the review of the EU legal framework for data protection (Directive 95/46/EC). It expresses concerns regarding the increasing difficulties for individuals to protect the privacy of their personal data, and calls for strengthening individuals’ rights over them. This can be done, the EDPS argues, by making security breach notifications mandatory for all relevant sectors, increasing transparency of processing for data subjects, and introducing new rights, such as the “right to be forgotten” and the “right to data portability”.

Rate this:

  • Blog authors

  • Copyright notice

    © Copyright 2010-2014 "Information Security Breaches & The Law".
    All rights reserved, unless noted otherwise under each author's post, page or other material.
    If you would like to discuss licensing terms, contact us at: info [at] security-breaches [dot] com.

  • Enter your e-mail address here to follow this blog and receive notifications of new posts by e-mail.

  • The “Global Information Security Breach Professionals” Group on Linkedin

  • Wordpress Blog Stats

    • 43,337 hits