Publication details

The US Lessons for the EU Personal Data Breach Notification: Part II – The EU Regulatory Perspective and Discussion of the Benefits Available from US Experience


KASL František

Year of publication 2021
Type Article in Periodical
Magazine / Source The Lawyer Quarterly
MU Faculty or unit

Faculty of Law

Web Full Text - Journal Website
Keywords Personal data breach; security breach; notification obligation; US law; GDPR
Description The new obligation to notify personal data breaches under Articles 33 and 34 of the General Data Protection Regulation 2016/679 can be seen as a reflection of the US regulatory approach to security breach incidents, which has an established tradition since the enactment of Security Breach Information Act in California in 2002. The contribution presents in two parts the relevant legal frameworks of the US and the EU, in order to provide a discussion on their similarities and differences. The aim is to identify available intellectual stimuli to the respective academic debate regarding interpretation, application and specification of the EU provisions based on inspiration from the US experience. The Part II adds the insight into the respective EU regulatory approach and contains the discussion of the parallels of the US and EU frameworks and available insight to be drawn from this doctrinal research.

You are running an old browser version. We recommend updating your browser to its latest version.

More info