Document Actions

Citation and metadata

Recommended citation

Jelena Burnik, Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework, 3 (2012) JIPITEC 126 para 1.

Download Citation

Endnote

%0 Journal Article
%T Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework
%A Burnik, Jelena
%J JIPITEC
%D 2012
%V 3
%N 2
%@ 2190-3387
%F burnik2012
%X In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users’ data in different locations, in the EU and wider. In case such a provider suffers a data breach, and oncondition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.
%L 340
%U http://nbn-resolving.de/urn:nbn:de:0009-29-34403
%P 126-137

Download

Bibtex

@Article{burnik2012,
  author = 	"Burnik, Jelena",
  title = 	"Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework",
  journal = 	"JIPITEC",
  year = 	"2012",
  volume = 	"3",
  number = 	"2",
  pages = 	"126--137",
  abstract = 	"In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users' data in different locations, in the EU and wider. In case such a provider suffers a data breach, and oncondition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.",
  issn = 	"2190-3387",
  url = 	"http://nbn-resolving.de/urn:nbn:de:0009-29-34403"
}

Download

RIS

TY  - JOUR
AU  - Burnik, Jelena
PY  - 2012
DA  - 2012//
TI  - Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework
JO  - JIPITEC
SP  - 126
EP  - 137
VL  - 3
IS  - 2
AB  - In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users’ data in different locations, in the EU and wider. In case such a provider suffers a data breach, and oncondition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.
SN  - 2190-3387
UR  - http://nbn-resolving.de/urn:nbn:de:0009-29-34403
ID  - burnik2012
ER  - 
Download

Wordbib

<?xml version="1.0" encoding="UTF-8"?>
<b:Sources SelectedStyle="" xmlns:b="http://schemas.openxmlformats.org/officeDocument/2006/bibliography"  xmlns="http://schemas.openxmlformats.org/officeDocument/2006/bibliography" >
<b:Source>
<b:Tag>burnik2012</b:Tag>
<b:SourceType>ArticleInAPeriodical</b:SourceType>
<b:Year>2012</b:Year>
<b:PeriodicalTitle>JIPITEC</b:PeriodicalTitle>
<b:Volume>3</b:Volume>
<b:Issue>2</b:Issue>
<b:Url>http://nbn-resolving.de/urn:nbn:de:0009-29-34403</b:Url>
<b:Pages>126-137</b:Pages>
<b:Author>
<b:Author><b:NameList>
<b:Person><b:Last>Burnik</b:Last><b:First>Jelena</b:First></b:Person>
</b:NameList></b:Author>
</b:Author>
<b:Title>Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework</b:Title>
<b:Comments>In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users’ data in different locations, in the EU and wider. In case such a provider suffers a data breach, and oncondition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.</b:Comments>
</b:Source>
</b:Sources>
Download

ISI

PT Journal
AU Burnik, J
TI Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework
SO JIPITEC
PY 2012
BP 126
EP 137
VL 3
IS 2
AB In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users’ data in different locations, in the EU and wider. In case such a provider suffers a data breach, and oncondition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.
ER

Download

Mods

<mods>
  <titleInfo>
    <title>Information Society Services and Mandatory Data Breach Notifications: Introduction to Open Issues in the EU Framework</title>
  </titleInfo>
  <name type="personal">
    <namePart type="family">Burnik</namePart>
    <namePart type="given">Jelena</namePart>
  </name>
  <abstract>In 2011 Sony suffered an extensive breach in its online game network that led to the theft of account data of 77 million users from all over the world. This was one of the largest internet security break-ins that resulted in a large scale personal data breach. As an answer to numerous incidents of security breaches where personal data have been compromised, an instrument of mandatory data breach notification is currently being implemented in the European Union that follows the approach taken in the United States. The revised e-Privacy Directive and the fresh proposal for a General Data Protection Regulation both introduced a provision whereby the entity suffering a breach will have to notify the competent authorities of the breach. Many large online service providers, operate globally, offering its services to users in different countries and processing users’ data in different locations, in the EU and wider. In case such a provider suffers a data breach, and on
condition that European law applies to its operations, the provider will be obliged to report the data breach to the authorities and possibly to the injured individual users.
The paper presents the changes in the regulatory framework in the EU and tackles the question of how the new regulations on mandatory breach notifications will affect online service providers,especially the ones operating across borders. The paper presents the legal framework, assesses its implications and sheds light on the issues that will arise, in terms of applicable law, competencies of the national authorities and the rights of the injured individuals.</abstract>
  <subject />
  <classification authority="ddc">340</classification>
  <relatedItem type="host">
    <genre authority="marcgt">periodical</genre>
    <genre>academic journal</genre>
    <titleInfo>
      <title>JIPITEC</title>
    </titleInfo>
    <part>
      <detail type="volume">
        <number>3</number>
      </detail>
      <detail type="issue">
        <number>2</number>
      </detail>
      <date>2012</date>
      <extent unit="page">
        <start>126</start>
        <end>137</end>
      </extent>
    </part>
  </relatedItem>
  <identifier type="issn">2190-3387</identifier>
  <identifier type="urn">urn:nbn:de:0009-29-34403</identifier>
  <identifier type="uri">http://nbn-resolving.de/urn:nbn:de:0009-29-34403</identifier>
  <identifier type="citekey">burnik2012</identifier>
</mods>
Download

Full Metadata

JIPITEC – Journal of Intellectual Property, Information Technology and E-Commerce Law
Article search
Extended article search
Newsletter
Subscribe to our newsletter
Follow Us
twitter