New EU Rules Require ISPs, Telcos To Come Clean Within 24 Hours of Data Breaches 70
hypnosec writes "Under new EU regulations ISPs and Telcos serving European customers will have to come clean within 24 hours in case of a security or data breach that leads to theft, loss, or compromise of data. Companies will have to disclose the nature and size of the breach within the first 24 hours. Whenever it's not possible to submit such data, they must provide 'initial information' within the stipulated time and full details within three days. Under the new terms the affected organizations will be required to reveal information such as information that has been compromised and the steps that have been taken or will be taken to resolve the situation. If the breach 'is likely to adversely affect' personal information or privacy, affected businesses and consumers will be notified of the breach."
Re:NSA too? (Score:4, Funny)
Does this mean the alleged NSA taps on major internet links that monitor all traffic would have to be reported as breaches too if an EU ISP discovers (or knowingly installs) one?
Yes.
it's part of why nsa wanted soooo much to keep it secret. plenty of companies have to stop using american hosting if they technically know that the US servers are compromised.