New bill asks companies to notify EU of security breaches

The European Union works on legislation that would set up local cybersecurity agencies, in an effort to regulate tech companies that have access to user data.

Neelie Kroes, VP of the European Commission. European Commission

Proposed legislation in the European Union would force tech companies that have access to user data -- such as Facebook, Google, and Microsoft -- to report any security breaches to local cybersecurity agencies, the Financial Times reported today.

This is the European Commission's effort to make private companies accountable for privacy and security problems, European Commission Vice President Neelie Kroes told the Financial Times.

If passed, the measure would require each of the EU's 27 member states to set up local cybersecurity agencies to implement security standards on online networks. Social networks, e-commerce companies, and large online platforms that have access to users' data would all have to report any server issues and security breaches to these agencies, or face sanctions.

Most U.S. states already require these companies to report security breaches involving more than 500 customers, but nothing has been done on a national level.

The European bill is in line with the EU's latest efforts to catch up with user data-protection standards. Another proposed law aims to improve data protection by curtailing the ability of services to collect, analyze, or sell the personal data of users.

Featured Video

Why do so many of us still buy cars with off-road abilities?

Cities are full of cars like the Subaru XV that can drive off-road but will never see any challenging terrain. What drives us to buy cars with these abilities when we don't really need them most of the time?

by Drew Stearne