Angel Diaz writes: Big or small, all bank accounts are susceptible to hijacking and fraudulent wire transfers. Banks ordinarily bear the risk of loss for unauthorized wire transfers. Two independent frameworks exist to govern these transfers: the Electronic Fund Transfer Act (“EFTA”) for consumer accounts, and Article 4A of the Uniform Commercial Code (“UCC”) for…
Category: Breach Laws
Lawmakers re-introduce bipartisan data security bill
Cory Bennett reports that Reps. Joe Barton and Bobby Rush have re-introduced the Data Accountability and Trust Act (DATA) in the House – a bill this blog has been reporting on since 2009. The measure: would deputize the Federal Trade Commission (FTC) to set nationwide data security standards for companies handling sensitive data, such as full…
Quinn Norton: We Should All Step Back from Security Journalism. I’ll Go First.
Last week, Quinn Norton wrote a disturbing and thoughtful essay. Those of us who conduct research or investigate and report on breaches generally share her concerns, if not her decision to withdraw from security journalism. The Barrett Brown case, and the prosecution’s attempt to criminalize linking to publicly available data may lead others, too, to…
President Obama’s Security Breach Notification Bill Needs Work
Elizabeth H. Johnson and Lynn C. Percival IV of Poyner Spruill have their own objections to the President’s proposal for a federal data breach notification law. You can read their analysis and comments here.
Christie signs law requiring health insurance companies to encrypt personal information
Susan K. Livio reports: Health insurance companies will be required to protect client information by encrypting the data, under legislation Gov. Chris Christie signed into law today. The bill follows a series of incidents involving stolen laptops containing policyholder information protected only by user passwords. Read more on NJ.com.
Proposed data breach bill in Washington State: comments
So I’ve just read the proposed legislation for revising Washington State’s data breach notification law (see the WA AG’s press release on the proposal here). A few comments/observations on the bill: 1. The bill eliminates the word “computerized” before “data,” thereby seemingly expanding the data breach notification requirements to paper records or other formats. That…