Action 34: Explore the extension of security breach notification provisions
Explore the extension of security breach notification provisions, as part of the modernisation of the EU personal data protection regulatory framework.
What is the problem? Europeans want to be informed on data security breaches
According to surveys, 84% of Europeans would wish to be informed if their personal data was lost, stolen or altered. That is one reason why data security breaches are high on the EU agenda.
Why is EU action required? EU can provide rules
The current review of the EU data protection framework will include an extension of the obligation to notify data security breaches, which would be an important move towards improving data security. For legislative aspects, see more under Action 12.
The draft Commission proposals reviewing the EU data protection framework contain provisions setting forth requirements to notify personal data breaches to supervisory authorities and individuals alike
What will the Commission do?
Continue with its work towards reviewing the EU data protection regulatory framework to ensure the extension of security breach notification provisions to all data controllers (this action is a component of action 12).