UK ICO Says Breach Notification Law Coming
PRIVACY LAW—EUApril 28, 2010
The requirement for companies to notify national regulators about serious data breaches will expand beyond the telecommunications sector, according to UK Deputy Information Commissioner David Smith. At an event on Tuesday, Smith said that the European Commission has breach notification "on its agenda" and that its current review of data laws will likely require notifications from a wider range of businesses, ZDNet reports. There is "no logical reason" to confine the requirement to telcos, Smith said. Responding to his comments, one analyst said, "Notification promotes efficient publication of breaches, which encourages data protection." Smith, himself, described breach notification as a "double-edged sword" for regulators.