The Register has an article from Out-Law.com that begins:
New rules setting out the circumstances in which telecoms companies need to report personal data breaches, as well as the kind of information they need to share in those reports, have come into force.
The EU’s Regulation on the notification of personal data breaches (7-page/756KB PDF) applies to all providers of publicly available electronic communications services, such as internet service providers (ISPs) and other telecoms companies, and sets new rules on notifying both regulators and customers about personal data breaches.
Read more on The Register.