Categories: SecurityWorkspace

European Commission Opens Consultation On Cyber Security Legislation

The European Commission (EC) is looking for views on a legislative proposal on data security, as it draws together fresh plans on countering cyber crime across the continent.

In particular, the EC will look at “future risk management and security breach reporting requirements”. The consultation runs until 12 October 2012.

The proposal will form part of  a joint Strategy on cyber security, due to be presented by the Commission and the EU High Representative for Foreign Affairs and Security Policy later this year.

Fostering ‘a cyber security culture’

“As far as network and information systems are concerned, the aim would be to enhance preparedness, strengthen the resilience of critical infrastructure as well as to foster a cyber security culture in the EU,” it said in a statement.

“The Commission is considering the introduction of a requirement to adopt risk management practices and to report security breaches affecting networks and information systems that are critical to the provision of key economic and societal services.”

The EC is already discussing what changes need to be made to data protection proposals announced in January. The body offered up both a regulation, setting out “a general EU framework for data protection”, and a directive which sets out rules on the protection “of personal data processed for the purposes of prevention, detection, investigation or prosecution of criminal offences and related judicial activities.”

Some aspects of the regulation upset onlookers, including the stipulation that companies must report breaches to the relevant authorities within 24 hours of them happening. The EC also wants businesses with more than 250 employees to appoint a designated data protection officer, adding more cost to compliance. Under the proposals, regulators would be able to fine companies as much as €1 million (£780m) or up to two per cent of their global annual turnover.

The framework has been criticised as over-prescriptive. Even the UK’s data protection watchdog, the Information Commissioner’s Office (ICO), said it needed more work.

Have you got security skills? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

13 hours ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

15 hours ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

16 hours ago

VW, Rivian Launch Joint Venture, As Investment Rises To $5.8 Billion

Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…

17 hours ago

AMD Axes 4 Percent Of Staff, Amid AI Chip Focus

Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…

20 hours ago

Tesla Recalls 2,431 Cybertrucks Over Propulsion Issue

Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…

21 hours ago