As regular readers of this blog already know, the ICO has issued fines over data protection breaches precisely four times since he acquired the authority to do so, despite public clamor for him to really get tough. Now Caroline Donnelly reports: … In total, information concerning 2,565 potential data breaches was passed on to the…
Category: Breach Laws
German Government Adopts Security Breach Notification Requirement in Telecommunications Act
On March 2, 2011, the German Federal government adopted a draft law revising certain sector-specific data protection provisions in the German Telecommunications Act. The draft law addresses the implementation of data breach notification requirements in the European e-Privacy Directive by introducing a breach notification obligation for telecommunications companies. According to the proposal, telecommunications companies must…
A Novel Data Security Law Proposed in Colorado
David Navetta discusses a proposed law in Colorado, HB 11-1225: Regulation is achieved via the “carrot” or the “stick” (and sometimes both). This is true in the information security context as well. For example, to incentivize encryption of personal information, breach notice laws use a stick: those that fail to encrypt may have to provide…
Recommended: Evaluating Data Breach Disclosure Laws
Sasha Romanosky writes: I imagine most of you have received one or more letters from companies informing you that they lost your personal information. If so, what, if anything, did you do about it? Did you check your credit history?; close a financial account?; something else?; or nothing at all? If you did act, you…
Costa Rica: Computer Fraud Bill Passed
InsideCostaRica reports: Legislators approved the bill that establishes penalties for computer fraud. Among the sanctions are a violation of personal data and sets the penalty of 3 to 6 years in prison. In addition, it provides a penalty of 4 to 8 years in prison for extortion. Computer fraud case of espionage, computer sabotage and…
AU: Data breach laws won’t help: Verizon
Darren Pauli reports: A top information forensic specialist has said that mandatory data breach legislation will not reduce the number of data breaches, despite industry calls for such laws to be introduced. Industry figures have been asking for such legislation since the government looked into the issue as part of a national overhaul of privacy…