EU May Force Companies To Disclose Security Breaches to Governments
And to whom will governments reveal their screw-ups?
Proposed legislation in the European Union would force tech companies that have access to user data—such as Facebook, Google, and Microsoft—to report any security breaches to local cybersecurity agencies, the Financial Times reported today.
This is the European Commission's effort to make private companies accountable for privacy and security problems, European Commission Vice President Neelie Kroes told the Financial Times.
If passed, the measure would require each of the EU's 27 member states to set up local cybersecurity agencies to implement security standards on online networks. Social networks, e-commerce companies, and large online platforms that have access to users' data would all have to report any server issues and security breaches to these agencies, or face sanctions.
Most U.S. states already require these companies to report security breaches involving more than 500 customers, but nothing has been done on a national level.