Skip to main content
Publication

EU consultation on breach notification rules for telcos: have your say

06/09/2011

Locations

United Kingdom

The European Commission is asking all relevant stakeholders to contribute to a consultation on practical rules that will implement EU-wide breach notification laws under the ePrivacy Directive.

This alert was featured in Tech Bytes, our technology law newsletter.

Tech Bytes contents

 

The European Commission is asking all relevant stakeholders to contribute to a consultation on practical rules that will implement EU-wide breach notification laws under the ePrivacy Directive.

By way of background, changes to the e-Privacy Directive - part of wide ranging revisions to the European telecoms framework that took effect in December 2009 - introduced a pan-European breach disclosure obligation for the providers of publicly available electronic communications services, i.e. telecommunications companies and ISPs. The obligation is to notify national data protection regulators of “personal data breaches” without “undue delay”, which extends to notifying individuals too, if the breach has an adverse effect on their interests. The new law came into effect on 26th May this year.

The Consultation is concerned with the new law’s provisions on “technical implementing measures”, which is a reference to the nuts-and-bolts of breach disclosure and the actual systems and operations that need to be adopted by telecos and ISPs to achieve legal compliance.  The law anticipates that there will be detailed harmonisation of the procedures for giving notification, through the publication of binding guidance by the European Commission.

The consultation, which closes on 9 September 2011, can be accessed here.

Sign up to our email digest

Click to subscribe or manage your email preferences.

SUBSCRIBE