The European Commission is putting into place new rules on what exactly telecoms operators and Internet Service Providers (ISPs) should do if their customers’ personal data is lost, stolen or otherwise compromised.
The purpose of these “technical implementing measures” is to ensure all customers receive equivalent treatment across the EU in case of a data breach, and to ensure businesses can take a pan-EU approach to these problems if they operate in more than one country. Telecoms operators and ISPs hold a range of data about their customers, such as name, address and bank account details, in addition to information about phone calls and websites visited. These companies have been operating since 2011 under a general obligation to inform national authorities and subscribers about breaches of personal data. Here to read more.