Bloomberg BNA reports: Companies operating in Australia would be required to notify the data protection authority and affected individuals of data breaches under legislation introduced March 20 in the Senate. The bill would require companies, organizations and government agencies to notify the Office of the Australian Information Commissioner (OAIC) and affected individuals of personal data breaches. Read…
Category: Breach Laws
AU: Labor resurrects data breach notification bill
Allie Coyne reports: A Labor senator this week re-introduced proposed legislation governing mandatory notifications for companies suffering a data breach, in an attempt to resurrect a bill which failed to pass before the last federal election. Tasmanian Labor Senator and parliamentary secretary to the Shadow Attorney-General Mark Dreyfus Lisa Singh introduced to the bill into the Senate…
Did the CIA Violate the Computer Fraud and Abuse Act by Accessing Intelligence Committee Computers?
Orin Kerr writes: Senator Feinstein recently claimed that the CIA may have violated the federal computer hacking statute, the Computer Fraud and Abuse Act, by searching computers used by the Intelligence Committee to conduct CIA oversight. Based on the facts we know so far, I’m skeptical of the claim that the CIA violated the statute. This post…
No consensus on notifying victims of data breaches, but I have a few thoughts
Eric Tucker of Associated Press reports: The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard. Most states have laws that require retailers to disclose data breaches, but the laws vary wildly….
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…
Minnesota data breach law demonstrates risks of knee-jerk reactions
I just shook my head yesterday when I heard about a proposed law in Minnesota that would require breach notification within 48 hours of discovery, the offer of free credit monitoring for one year, and golly gee, a $100 gift card that would be valid for one year if the breached entity was a retailer. Apparently I…