Home
 » ISP News » 
Sponsored

EU Impose New Personal Data Rules on UK Phone and Internet Providers

Tuesday, June 25th, 2013 (1:30 am) - Score 618

The European Commission (EC) has this week implemented new rules to help telephone and broadband providers (ISP) know what to do when their customers’ personal data is either lost, stolen or otherwise compromised. But companies that encrypt your data won’t have to tell you if it’s been stolen.

Internet providers typically hold a range of personal details about their customers, such as names, addresses, bank details, website visits, phone usage and so forth. Data like this could easily be abused by criminals, if it got into the wrong hands, and as a result it’s important to keep it all secure.

Related companies already have a general obligation to inform national authorities and subscribers about breaches of personal data, although the new measures are an attempt to clarify some rules and standardise the approach.

Neelie Kroes, EC Vice-President, said:

Consumers need to know when their personal data has been compromised, so that they can take remedial action if needed, and businesses need simplicity. These new practical measures provide that level playing field.”

The Key Rules

• Companies must: Inform the competent national authority of the incident within 24 hours after detection of the breach, in order to maximise its confinement. If full disclosure is not possible within that period, they should provide an initial set of information within 24 hours, with the rest to follow within three days.

• Companies must: Outline which pieces of information are affected and what measures have been or will be applied by the company.

• In assessing whether to notify subscribers (i.e. by applying the test of whether the breach is likely to adversely affect personal data or privacy), companies should pay attention to the type of data compromised, particularly, in the context of the telecoms sector, financial information, location data, internet log files, web browsing histories, e-mail data, and itemised call lists.

• Companies must: Make use of a standardised format (for example an online form that is the same in all EU Member States) for notifying the competent national authority.

However the EC also wishes to “incentivise companies” to encrypt personal data and as a result any company that applies this would apparently be “exempt from the burden of having to notify the subscriber because such a breach would not actually reveal the subscriber’s personal data“. We can see why they’d take this stance but at the same time we still think that subscribers’ should be informed; nothing remains 100% secure forever.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
0 Responses

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Onestream £19.99 (*27.99)
    Avg. Speed 45Mbps, Unlimited
    Gift: None
  • TalkTalk £21.00 (*29.95)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Plusnet £21.99 (*36.52)
    Avg. Speed 36Mbps, Unlimited
    Gift: £50 Reward Card
  • NOW TV £22.00 (*40.00)
    Avg. Speed 36Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Avg. Speed 35Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. FTTP (2902)
  2. BT (2824)
  3. FTTC (1812)
  4. Building Digital UK (1772)
  5. Politics (1710)
  6. Openreach (1665)
  7. Business (1490)
  8. FTTH (1343)
  9. Mobile Broadband (1280)
  10. Statistics (1273)
  11. 4G (1104)
  12. Fibre Optic (1085)
  13. Wireless Internet (1047)
  14. Ofcom Regulation (1042)
  15. Virgin Media (1035)
  16. EE (729)
  17. Vodafone (708)
  18. TalkTalk (690)
  19. Sky Broadband (685)
  20. 5G (569)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact