The  US lessons for the EU personal data breach notification:

• Authors: František Kasl
• Languages of publication: EN

Abstracts

EN

The new obligation to notify personal data breaches under Articles 33 and 34 of the General Data Protection Regulation 2016/679 can be seen as a reflection of the US regulatory approach to security breach incidents, which has an established tradition since the enactment of Security Breach Information Act in California in 2002. The contribution presents in two parts the relevant legal frameworks of the US and the EU, in order to provide a discussion on their similarities and differences. The aim is to identify available intellectual stimuli to the respective academic debate regarding interpretation, application and specification of the EU provisions based on inspiration from the US experience. The Part I introduces the reader to the concept of personal data breach and its relevance in nowadays digital society and then offers and introduction of the relevant US regulatory frameworks.

Keywords

EN

law; personal data breach; security breach; notification obligation; US law; GDPR

CS

právo

Discipline

• LAW_&_ADMINISTRATION: LAW & ADMINISTRATION

• Publisher: Institute of State and Law, Czech Academy of Sciences
• Journal: The Lawyer Quarterly
• Year: 2020
• Volume: 10
• Issue: 4
• Pages: 476-498
• Document type: ARTICLE

Contributors

author

František Kasl

• ---