Network and Information Security Directive compels tech giants to report serious data breaches or face fines
The EU is cracking down on cybersecurity with its latest law that it says is designed with citizens in mind. The law is called the Network and Information Security Directive, and it compels tech giants to report serious data breaches or face fines. The Directive was issued after five hours of discussion between EU governments and the European Parliament. The new Directive would not compel social media site Facebook, or any others for that matter, to report data breaches.
“The Internet knows no border – a problem in one country can have a knock on effect in the rest of Europe. This is why we need EU-wide cyber-security solutions. This agreement is an important step in this direction,” said European Commission Digital Chief Andrus Ansip.
Although the EU has several governments, the country sees itself as one – in the same way that the United States has 50 state governments but sees itself as one country. When it comes to data breaches, though, whether several governments or few, one data breach can open the door to a massive cyberattack across the country.
Will the law prove effective against data breaches?
The question posed here is a complex one to answer. On one hand, data breaches are inevitable, thanks to the number of hackers out there in other countries that can access any country’s server at a moment’s passing. This means that, despite our efforts, we won’t ever live in a cyber-victimless world. Systems will be hacked, and world citizens will become victims of cyberattacks and identity theft.
On the other hand, the law will have some effectiveness against data breaches because companies like Google, eBay, Cisco, and Amazon, for example, must report their data breaches. The reason for reporting them is to allow the EU time to respond to them and move to protect the individual(s) whose information becomes prey to hackers. Companies have a moral responsibility to do this, since by so doing they show their care and concern for innocent victims.
In recent days, eBay and Amazon have both experienced data breaches, and one reporter found his Gmail account had been hacked into (he was then cut off from it because the hackers changed the password and blocked him from the account.), which means that most, if not all the companies mentioned, have experienced data breaches at one point or another.
The moral responsibility of these tech giants is no different than that of a hospital, who must tell a patient when the hospital’s server or system has been hacked and warn the patient that his or her information may have ended up in the wrong hands. And cybercrime, in some sense, is similar to medical malpractice when a patient ends up having the wrong surgery because the wrong paperwork was inserted into the wrong patient’s files.
Of course, there are ways to protect ourselves, which is why we suggest you get yourself a free VPN.