Peter Dinham reports: A majority of Australian IT decision-makers believe reporting of data breaches to regulators will help prevent cyber crime. Surveyed by global security vendor Palo Alto Networks, 79% of IT decision-makers agreed that reporting breaches to regulators should be mandatory and 69% believed reporting of data breaches to regulators would help prevent cyber…
Category: Breach Laws
South Dakota lawmakers delay action on data breach legislation
AP reports: A legislative panel has delayed action on a bill that would require companies to inform South Dakota residents whose personal information was acquired in a data breach. The Senate Judiciary Committee plans to take up the proposal again Thursday. Attorney General Marty Jackley’s bill would require affected South Dakotans be notified within 60…
Arizona Legislature Considers Strengthening Data Breach Notification Law
John G. Kerkorian, David M. Stauss, Gregory P. Szewczyk, and Kimberly A. Warshawsky of Ballard Spahr write: The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches. Under Arizona’s existing breach notification law, entities that conduct business in the state and own or license computerized…
Big businesses band together in urging lawmakers to sell out your privacy
David Lazarus writes: Twenty-two industry groups, representing thousands of U.S. businesses, sent a letter to Congress the other day calling on lawmakers to pass sweeping data-security rules. At first glance, that seems like a really good thing for consumers. Upon closer inspection, however, the letter suggests these corporate heavyweights are aiming to sell out consumers…
House Passes Cyber Vulnerability Disclosure Reporting Act
Jennifer Martin and Calvin Cohen write: On January 9, the House of Representatives passed the Cyber Vulnerability Disclosure Reporting Act by voice vote. The Act directs the Secretary of the U.S. Department of Homeland Security (“DHS”) to prepare a report describing the policies and procedures that DHS developed to coordinate the cyber vulnerability disclosures. Under…
PH: NPC wants private, public sectors to submit data security incident reports
Roy Stephen C. Canivel reports: The National Privacy Commission (NPC) wants companies and government agencies to submit a report on security incidents that have affected the personal data of their consumers, even if these incidents were unsuccessful. In a statement, the NPC said it is requiring “personal information controllers” (PICs) in both the public and…