The cheese eating surrender monkeys in the French government, which have surrendered much of their nation's hard won constitution the entertainment industry, have finally ordered ISPs to tell customers if their servers have been hacked.

Ordonnance n° 2011-1012 du 24 août 2011 relative aux communications électroniques*, or the “Ordinance” has been added onto the same law books which insist on liberty and lopping off the head of any kings that appear. The new legislation makes it obligatory for electronic service providers and telcos to notify the data protection authority - Commission nationale de l'informatique et des libertés (CNIL) - and any customers of a breach if it is likely to impact their privacy or data protection.

It seems that in France is it necessary for laws to be written to make sure that customers are not treated rudely. However there is a big get out clause. If the CNIL believes that appropriate measures are in place to prevent the breach of privacy, then the organisation will not need to make a public disclosure. In other words if a hacker attacks a site you don't have to tell anyone if they do not succeed.

Aziz Maakaroun, managing partner at Outpost24 UK, has pointed out that France's legislative amendment sees it join European nations Germany and Spain in enacting a data disclosure law. He said that the message coming out of France and indeed the EU is abundantly clear. Protect sensitive information with the most robust security system possible, or be held accountable. In this case prevention is most definitely to be seen as the cure to this rising problem.