Josh Sweigart reports: If a government misplaces a pile of documents containing confidential information in a Dumpster, they don’t have to tell anyone. If they lose a password protected laptop computer, state law requires public disclosure within 45 days. That is why Butler County wasn’t required to tell the 10,600 people potentially affected by a…
Category: Breach Laws
Ie: Proposed Data Security Breach Code of Practise
Brian Honan, who has often contributed news leads and links to this site, blogs about the proposed breach notification law in Ireland: As someone who has been campaigning for mandatory data breach disclosure laws in Ireland for a number of years I am pleased to see the proposed Data Security Breach Code of Practise from…
UK: Data Protection Act is out of kilter with EU law, warns privacy lawyer
Warwick Ashford reports: The single most important change required in UK data protection regulation is to bring the law into line with European legislation, says Stewart Room, partner at law firm Field Fisher Waterhouse. Section 13 of the UK Data Protection Act (DPA) is totally out of kilter with the EU directive on personal data,…
Ie: Mandatory reporting of security breaches on the way
John Kennedy reports: Ireland’s Data Protection Commissioner has unveiled a new draft Code of Practice that sets out the reporting obligations of organisations in the event of a security breach and how they go about protecting private data. The draft Code of Practice has been placed on the website of the Office of the Data…
FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule
Now you can all applaud me on my wisdom in not posting all those reminders I’ve seen elsewhere about the “Red Flags” Rule going into effect on June 1…. because it’s not. From the FTC: At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the “Red Flags”…
Firms not required to inform victims of privacy breach under new rules
Sarah Schmidt reports: Companies can decide whether to tell their customers when they lose their personal information or hackers steal it, according to legislation tabled Tuesday by the Conservative government. The proposed amendments to Canada’s private sector privacy law will require banks, retailers and other companies to inform Canada’s privacy watchdog if they’ve experienced a…