Data Protection is tightening up in France with the announcement that the Commission Nationale De L’informatique et Des Libertés (CNIL) has launched an online notification procedure for French electronic communications service providers whereby they must report any data breaches within 24 hours of the initial detection. This requirement also extends to the notification of the data subjects (individuals) whose data has been compromised except where the data has been encrypted.
THE CNIL has the power to levy fines of up to €300,000 per data breach plus up to five years in prison for failure to comply with the notification procedure.
The full details regarding the EC Regulations No.611/2013 can be found here.