Eric Tucker of Associated Press reports: The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard. Most states have laws that require retailers to disclose data breaches, but the laws vary wildly….
Category: Breach Laws
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…
Minnesota data breach law demonstrates risks of knee-jerk reactions
I just shook my head yesterday when I heard about a proposed law in Minnesota that would require breach notification within 48 hours of discovery, the offer of free credit monitoring for one year, and golly gee, a $100 gift card that would be valid for one year if the breached entity was a retailer. Apparently I…
Comparison of Five Data-Breach Bills Currently Pending in the Senate
Meena Harris writes: Data security continues to be a hot issue on Capitol Hill, and just yesterday Attorney General Eric Holder urged Congress to create a “strong, national standard” for quickly reporting data breaches to consumers. Democratic and Republican senators have been busy drafting legislation that would establish national requirements for data security and breach notice. The following bills…
AU: NT government proposes identify theft, card skimming penalties
Computerworld Australia staff report: Proposed amendments to the Northern Territory’s Criminal Code would make it an offence to collect and store identification details about another person for the purposes of identity theft. Under current legislation, a person who obtains someone else’s ID details can’t be prosecuted until they commit a crime. Speaking in the NT…
What is “Expedient” Notification of a “Data Breach?”
Craig Hoffman and Charlie Shih write: One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states that require notification to occur no later…