|Description||Privacy Considerations in Botnet Detection, Notification, and Remediation:
Because technical measures to (a) detect compromised end-user devices, (b) notify end-users of the security issue, and (c) assist in addressing the security issue, may result in the collection of customer information (including possibly personally identifiable information and other sensitive information, as well as the content of customer communications), ISPs should ensure that all such technical measures address customers privacy, and comply and be consistent with all applicable laws and corporate privacy policies.
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Encryption;Information Protection;Intrusion Detection;|
|Reference/Comments||Note that the Best Practices in this grouping are primarily aimed at ISPs that provide service to consumer end-users on residential broadband networks, but may be applicable to other users and networks as well.|