US Tech Companies May Soon be Required to Report Security Breaches to the EU

more+
less-

U.S. based tech companies that store data on the Internet may soon be required to report the loss or theft of personal information to the E.U. or face sanctions and fines according to legislation being proposed by the European Commission. As reported in the New York Times last Wednesday, the proposal, which is being drafted by the Vice-President of the European Commission responsible for the Digital Agenda seeks “to impose, for the first time, E.U. wide reporting requirements on companies that run large databases, those used for Internet searches, social networks, e-commerce or cloud services.” The proposal is expected to be reviewed by the European Commission on January 30.

The plan is controversial because, among other things, it would extend the obligation to report data breaches beyond traditional compilers of customer databases for critical infrastructure like telephone, transport and utility companies to the “enablers of Internet services, e-commerce platforms, Internet payment gateways, social networks, search engines, cloud computing services, applications stores” and, for the first time, require U.S. companies to report breaches to a national authority, a reporting obligation that is non existent on a national level in the United States. In the U.S., notification of data breaches are enforced by the state, not federal government, with most states requiring companies only to report security breaches involving more than 500 customers.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Cloud Computing, Data Breach, Data Protection, Databases, E-Commerce, EU, European Commission, Personally Identifiable Information, Reporting Requirements, Social Networks, Technology

Published In: General Business Updates, Communications & Media Updates, International Trade Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Cohen & Gresser LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »