Abstract
In the wake of a number of security incidents in the United Kingdom and elsewhere, the debate has reopened as to whether there should be a U.S.-style security breach notification law to require those suffering a data breach to notify individuals as well as national data protection authorities. The European Commission proposed obligations for telecommunication operators and internet service providers to notify affected persons of breaches. In consultations on the draft, it was proposed to expand the regime to other organizations handling personal data. This article outlines the movement towards security breach notification in Europe and the lessons to be learned from experiences in the United States and Japan where security breach laws are in place already for some time.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
