The European Commission has issued new breach notification standards for EU telecommunications and Internet service providers, PC World reports. The new “technical implementing measures” detail practical rules for implementing the ePrivacy Directive. The new measures will ensure that users in EU nations receive the same notification if their data is compromised from a breach. A public consultation initiated in 2011 found that EU nations were implementing the directive in vastly different ways, including the handling of notification deadlines. As a result, one measure mandates that providers notify data protection authorities of a breach within 24 hours of detection. Companies that encrypt personal data will be exempt from notifying users if the data is compromised.
If you want to comment on this post, you need to login.