Digital Agenda for Europe
A Europe 2020 Initiative

Action 34: Explore the extension of security breach notification provisions

Article
Explore the extension of security breach notification provisions, as part of the modernisation of the EU personal data protection regulatory framework.
Share this

What is the problem? Europeans want to be informed on data security breaches

According to surveys, 84% of Europeans would wish to be informed if their personal data was lost, stolen or altered. That is one reason why data security breaches are high on the EU agenda.

Why is EU action required? EU can provide rules

The current review of the EU data protection framework will include an extension of the obligation to notify data security breaches, which would be an important move towards improving data security. For legislative aspects, see more under Action 12.

The draft Commission proposals reviewing the EU data protection framework contain provisions setting forth requirements to notify personal data breaches to supervisory authorities and individuals alike

What has the Commission done?

In January 2012 the Commission set out its proposals on reviewing the EU data protection regulatory framework to ensure the extension of security breach notification provisions to all data controllers (this action is a component of action 12).