I think the GDPR approach (transparency rules, huge fines) is probably good enough to address this.
While I trust that everyone tries their best, I am skeptical about the EU having a policy team at hand that can factually teach Facebook (one of the most attacked properties in the world) better cybersecurity processes and operational practices.

Oct 1, 2018 · 6:10 AM UTC

Replying to @stilkov
I’ve been talking GDPR for weeks and like, nobody knows how to comply. So many people have totally different thoughts.
I know, I’m not claiming it’s clear or easy to execute. I completely agree with its intention and the general model, though. Anything specific that comes up in terms of compliance? Always interested in discussing how to go about it technically.
Replying to @stilkov
Having a European counterpart to @usnistgov would be a good addition. This might help refine and adopt good security and risk management practices for companies operating in the EU. This should be focused on practical application, not on policies, we have plenty of those. :-)