Patrick Van Eecke writes: Following several recent widely publicized data breaches in Belgium, the Privacy Commission issued a new recommendation on security measures and data breaches. The recommendation builds further on its previously issued security reference measures and details specific security requirements regarding a.o. IT architecture and development and production environments. Remarkably, the Privacy Commission…
Category: Breach Laws
Attacks ‘highlight need for data breach notification law’
Paul Smith reports: The Australian Bankers Association has defended the strength of IT security processes in place across Australia’s banking system following the revelation that Reserve Bank of Australia systems had been compromised by China-based hackers. However, security experts said the incident highlighted the need for Australian data breach notification laws to be tightened to force…
Lawmakers: Tougher computer hacking laws may be needed
Grant Gross reports: Congress may need to create stiffer penalties for criminal computer hacking to deter the growing number of attacks on U.S. government agencies and businesses, some lawmakers said Wednesday. Congress may revisit the Computer Fraud and Abuse Act (CFAA), the oft-amended law first passed in 1984, in an effort to counter widespread cyberattacks…
Belgian Privacy Commission issues new recommendation on data security and breaches
Julien Hick, Jacqueline van Essen and Vincent Wellens of NautaDutilh write: Belgium recently experienced two significant data breaches (involving, amongst other companies, the Belgian railway operator), which resulted in the online disclosure of personal data relating to thousands of people. These events led the Belgian data protection authority (the Privacy Commission) to issue a recommendation on the security…
Mandatory data breach notification law proposed in Canada
Nestor E. Arellano reports: With the Conservative government’s privacy reform bill sitting untouched after being introduced about two years ago, New Democractic Party MP Charmain Borg has introduced a private member’s bill that that would make it mandatory for organizations to report data breach incidents. Bill C-475, Borg’s proposed amendment to the federal Personal Information Protection and Electronics Document…
PA: Pileggi pushes for update to vague law on personal data theft
Melissa Daniels reports: Back in 2007, the theft of several state computers jeopardized the personal information of as many as 400,000 Pennsylvanians. Desktop computers from the Department of Public Welfare were taken from offices in Harrisburg and Philadelphia. Then, a laptop issued to the Department of Aging was stolen from a private residence. There’s no telling what someone might…