More services should fall within scope of EU security breach rules, ENISA says
The European Network and Information Security Agency (ENISA) said that LinkedIn and Research In Motion (RIM) were examples of businesses that had not been subject to EU laws on security breaches when they both experienced incidents within the past year.
Currently EU laws require that firms that provide “public communications networks or electronic communications services” ensure that their networks are secure. The firms must report security breaches or loss of integrity to their network to national telecoms regulators. The regulators can order firms to take particular action to protect the security of their networks.
However, ENISA said that services provided by LinkedIn, which had approximately 6.5 million user passwords stolen by hackers earlier this year, and RIM, which reported a “core switch failure” within its Blackberry network infrastructure last year, had not “clearly” fallen within the scope of the EU rules.
Read more on Out-Law.com