On the model of the “
nutriscore
”, intended to inform the consumer of the nutritional value of food products, a “
cyberscore
” could
emerge in
order to better inform users of digital tools on the security of their data.
In any case, this is the subject of a centrist bill examined at first reading this Thursday in the Senate.
The idea is to complete the consumer code by adding an obligation for operators to communicate information relating to the security of data hosted by themselves or their service providers, particularly in the cloud.
With the objective of achieving "
a clear and understandable visual
", specifies the rapporteur Anne-Catherine Loisier (centrist) Lafon, on the model of the "
nutriscore
".
The indicators would be set by decree and the diagnosis carried out by bodies authorized by the National Agency for the Security of Information Systems (Anssi).
The question of the scope of application is nevertheless debated.
In the initial text, Anne-Catherine Lafon mentioned “
digital platforms
”.
In committee, the senators extended the field of application "
to all digital services
": websites, online software and applications, videoconferencing software.
The government has tabled an amendment aimed
at
"
refocusing the system on the main operators of online platforms
", ie "
platforms with at least five million unique visitors per month
".
This amendment also removes the obligation to use authorized bodies, giving operators the possibility of carrying out a self-assessment of their data protection system.
To be definitively adopted, a bill must be adopted in the same terms by the two chambers of Parliament, the National Assembly and the Senate.