European Data Protection Digest

CNIL Releases New Notification Procedure

PRIVACY LAW—FRANCE

October 24, 2013

The Commission Nationale De L'informatique et Des Libertés (CNIL) has released a new mandatory online notification procedure for electronic communications service providers “to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013),” Mondaq reports. Data breaches must be reported to the CNIL using a standardized online notification form and “must include all details set out in Annex I of the regulation and be made no later than 24 hours after the detection of the breach,” the report states, noting, “Where full details cannot be provided, organisations must make an initial notification with additional information provided no later than three days after the date of the breach.”
Full Story