Friday 24 January 2020
La Cave
European Commission, Joint Research Centre

Panel Description

Massive online personal data breaches continue to be a growing issue given their detrimental effects in terms of both data protection and cybersecurity. These events have become a valuable source of information for cybercriminals, who are increasingly abusing the leaked personal data of affected individuals to carry out more effective and efficient cyberattacks. This session will tackle this growing problem and discuss potential initiatives to complement measures taken by data controllers in order to assist them in the task of notifying individuals and preventing further damage to them. It will analyse existing initiatives from a data protection angle and explore their potential to complement the current GDPR implementation measures for data breach notifications. The panel will also take a prospective look at possible novel EU initiatives to reinforce and complement existing strategies in this regard.

  • What are the risks faced by individuals whose personal data has been leaked in a breach? How are cybercriminals today abusing these data in cyberattacks?
  • Considering the obligations of data controllers, what are the current challenges that they are facing in order to protect affected individuals from further abuse of leaked information by cybercriminals?
  • How can the related initiatives proposed by the cybersecurity and data protection communities (e.g. password security and data breach notification services) contribute to protect data breach victims?
  • What is the necessary criteria for these services to ensure compliance with the existing data protection regulatory framework? What other strategies could be envisaged to complement existing initiatives?

Did you see these?

You might be interested in these panels as well: