European Data Protection Digest

Organisations Support Mandatory Breach Notification

PRIVACY LAW—UK

July 23, 2010

Nearly half of UK organisations surveyed believe data protection laws are too relaxed, with 87 percent favoring mandatory disclosure, ComputerWeekly reports. From May 2011, ISPs and telecom companies will be required to disclose data breaches under the current EU data protection directive, the report states, with a revised directive currently under consideration expected to extend the requirement to all organizations. When the UK and other EU member states draft legislation to reflect those changes, data privacy experts are recommending they focus on encouraging organisations to find and correct the causes of data breaches. As one expert put it, "The point of data breach disclosure should be about understanding the problem, not about punishment."
Full Story