Skip to main content

EU to punish firms who fail to share cybercrime data

The European Commission (EC) is continuing its offensive on tackling cybercrime, with new legislation aiming to force major tech firms to report their security breaches so more intelligence reaches law enforcement agencies.

The news comes in the same month the EC opened its new European Cybercrime Centre in The Hague (pictured), and the commission’s vice president Neelie Kroes says the proposals will strengthen the fight against online misdemeanours.

"We are raising the game with this directive," claims Kroes in the Financial Times. "We are creating incentives for private companies to improve their track records in network security, and helping national governments to use the learning from this to improve overall national capabilities," she says.

Yet to be passed, the legislation would require major firms – particularly those such as Google and Facebook who have access to great amounts of user data – to report security incidents or face sanctions like fines from the EC.

The lack of sharing between the private and public sector over these episodes is often identified as a problem by cybercrime commentators, with companies typically covering up their breaches to stave off bad publicity and maintain customer confidence. There is subsequently a dearth of intelligence available to government agencies when it comes to tracking and prosecuting hackers - something likely contributing to the continued growth of cybercrime.

Defending the EC’s approach to increasing Internet regulation, Kroes argues, "Cyber security is about protecting our values. We don't want a militarised internet. We need greater security capabilities because we want a peaceful and open internet that is a vehicle for free expression."

Via Computer Business Review