Shostack + Friends Blog Archive


Going Dutch: Time for a Breach Notification Law

The European Digital Rights Initiative mentions that “Bits of Freedom starts campaign for data breach notification law:”

A data breach notification obligation on telecom providers is already to be implemented on the basis of the ePrivacy Directive, but Bits of Freedom insisted that this obligation should be extended also to other corporations and organisations. It drafted an extensive position paper, including a concrete proposal for amending the Dutch Data Protection Act. Simultaneously, it announced the launch of a “black paper” keeping track of all data breaches in The Netherlands.

If anyone has English translations or summaries, please let me know. I do hope that Bits of Freedom understands the broader context of how good data about breaches can help us overcome so many problems in information security.