Observador | Pro Bono | Cybercrime: Do you know what to do in case of an attack?
Pedro Barosa, partner at Abreu Advogados, was the guest on the 3rd episode of Pro Bono, a Rádio Observador programme now also available in video format.
The lawyer discusses cybercrime and explains that due to European directives and the creation of the General Data Protection Regulation (GDPR), there is now greater concern with protecting personal data within organisations.
Depending on the sector, companies are “obliged” to implement compliance, security, conduct, and protection plans to prevent certain types of attacks. Pedro Barosa clarifies that, in the event of an attack, organizations may not be considered criminally liable for the incident itself but can still be held legally accountable if they fail to act, remain inert, or lack protection plans.
As for how to respond in the event of a cyberattack, the first legal step is to identify vulnerability and understand which data has been compromised. Next, if sensitive information is involved, there is a legal obligation to inform those affected. Finally, the criminal process must be initiated by reporting the incident to the Public Prosecutor’s Office and the Judiciary Police.
Watch the episode here.
