The Credit Union National Association is pushing for change – and although there will be pushback from the merchant sector, a lot of what CUNA is pushing for is consistent with what privacy advocates want: Data security is a critical issue and the U.S. Congress should consider legislative changes to protect consumers, such as requiring…
Category: Breach Laws
UK: What’s gone wrong at #ICO?
Stewart Room writes: If you’ve been keeping a close eye on developments at the Information Commissioner’s Office, then you will have detected a very clear trend when it comes to regulatory enforcement action. Basically, ICO has abandoned the monetary penalty and other statutory enforcement mechanisms, for “undertakings”. Read more on Stewart Room. I’m glad for…
Senate Panel OKs National Breach Notification Bill
Breach notification laws in most states would be preempted if legislation approved by the Senate Judiciary Committee Thursday becomes law. But that’s a big if, at least as it now stands. The 10 Democrats and eight Republicans on the committee split along party lines in approving the three different, but related measures, with overlapping provisions, aimed at strengthening privacy…
Hong Kong Introduces a Personal Data (Privacy) Amendment Bill
Cross-posted from PogoWasRight.org. Gabriela Kennedy and Heidi Gleeson write: The Personal Data (Privacy) Amendment Bill (the “Bill“) was introduced into the Legislative Council on 13 July 2011. The Bill is the culmination of a lengthy consultation process into the reform of the Personal Data (Privacy) Ordinance (the “Ordinance“) which commenced in 2009. The Bill aims…
California Strengthens its Data Breach Notification Law
Joseph Lazzarotti writes: As we suspected, California’s current governor, Edmund G. “Jerry” Brown, Jr. (D), signed into law S.B. 24, which adds some additional protections to the state’s current data breach notification requirements. The champion of this law and its recent enhancements, State Sen. Joe Simitian (D-Palo Alto), has finally succeeded after a number of prior attempts to pass this measure…
Kr: Report on hacking incidents to be required of companies
All listed and financial companies must report a security breach, with the scope of disclosure on major management issues including M&As being expanded to hacking incidents. The Knowledge Economy Ministry said Thursday that as early as 2014, companies must inform whether they have been hacked and how they can cope with such incidents on either…