By Sarah Laitner in Brussels and Maija Palmer in London

Companies in the European Union should be forced to report internet security breaches, the EU’s network safety agency has argued.

Andrea Pirotti, director of the Enisa body, believes that organisations should reveal details of assaults and measures taken to address the problems. ”We should learn...lessons to be better equipped” he said.

The fresh call for action adds to the EU’s debate on tackling internet crime after one member - Estonia - suffered a series of cyber attacks last year.

Viviane Reding, the union’s top telecoms official, has proposed mandatory reporting of network security breaches as part of an overhaul of regulation of the electronic communications industry.

Her suggestion that network providers tell national authorities and affected consumers about data breaches is under discussion in Brussels.

A number of US states have laws requiring companies to tell their customers when they have lost confidential information.

This has led to several very large security breaches coming to light, such as the loss of nearly 46m credit card records by TJX, the owner of discount retailer TK Maxx, in 2007.

The US disclosure laws have caused painful reputational damage for companies, but helped highlight the magnitude of data security problems.

Last year, members of the House of Lords called for similar laws to be enacted in the UK, and these have been echoed by members of the police, who are struggling to keep track of computer crime.

The British government has so far failed to act on the recommendations, but continued calls for disclosure laws at a European level could intensify pressure on it to do so.

European concerns over internet security have grown since Estonia last year suffered cyber assaults which the country’s officials said originated in Russia.

The attacks began when Estonia removed a Soviet second world war memorial from its capital, Tallinn.

The assaults temporarily brought down websites and IT networks of state institutions such as the president’s office, many ministries, the parliament and the police, as well as political parties.

News organisations, newspapers, and two of the country’s largest banks were also targeted.

”Those who attack us are becoming more and more skilled,” Mr Pirotti warned on Monday.

The risks of social networking websites are a further concern, he believes. Mr Pirotti added that EU data protection rules might need reviewing to take account of the growth of such sites.

A review of the legislation could cover the posting and tagging of photographs of people - which can at present be published without the subject’s consent.

Mr Pirotti will on Tuesday present a report on the agency’s work.

Enisa’s role is sharply limited and its budget this year is just €8m. There is scepticism over the agency’s purpose, with a debate underway over its future as the union considers wrapping Enisa into a proposed new EU telecoms regulator.