Orin Kerr writes: Senator Feinstein recently claimed that the CIA may have violated the federal computer hacking statute, the Computer Fraud and Abuse Act, by searching computers used by the Intelligence Committee to conduct CIA oversight. Based on the facts we know so far, I’m skeptical of the claim that the CIA violated the statute. This post…
Category: Breach Laws
No consensus on notifying victims of data breaches, but I have a few thoughts
Eric Tucker of Associated Press reports: The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard. Most states have laws that require retailers to disclose data breaches, but the laws vary wildly….
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…
Minnesota data breach law demonstrates risks of knee-jerk reactions
I just shook my head yesterday when I heard about a proposed law in Minnesota that would require breach notification within 48 hours of discovery, the offer of free credit monitoring for one year, and golly gee, a $100 gift card that would be valid for one year if the breached entity was a retailer. Apparently I…
Comparison of Five Data-Breach Bills Currently Pending in the Senate
Meena Harris writes: Data security continues to be a hot issue on Capitol Hill, and just yesterday Attorney General Eric Holder urged Congress to create a “strong, national standard” for quickly reporting data breaches to consumers. Democratic and Republican senators have been busy drafting legislation that would establish national requirements for data security and breach notice. The following bills…
AU: NT government proposes identify theft, card skimming penalties
Computerworld Australia staff report: Proposed amendments to the Northern Territory’s Criminal Code would make it an offence to collect and store identification details about another person for the purposes of identity theft. Under current legislation, a person who obtains someone else’s ID details can’t be prosecuted until they commit a crime. Speaking in the NT…