Mark Young writes:
In a new opinion on the Commission’s proposal for a Regulation on electronic identification (“eID”) and trusted services, the European Data Protection Supervisor (“EDPS”) has called, amongst other things, for security measures that trust service providers must apply to their services to be specified directly in legislation rather than left to the Commission to define at a later stage. The EDPS has also called for additional data privacy safeguards, higher security controls to apply to authorities that issue eIDs, more detailed mechanisms on how to ensure that eIDs and trust services are interoperable at EU level, and for data breach notification requirements under this proposal to be aligned with requirements under the e-privacy Directive and proposed new data protection Regulation.
Read more on InsidePrivacy.