From a New York Times editorial: In 2005, ChoicePoint, a data broker, gave access to personal information about more than 140,000 people to criminals posing as businesspeople. Since that widely publicized security breach, many states have passed laws protecting consumer information, but Congress still has not come through. Now, the House is considering a bill…
Category: Breach Laws
Maine Requires Breach Notice within Seven Days of Go-Ahead from Law Enforcement
From the Privacy & Information Security Law Blog: On May 19, Maine Governor John Baldacci signed legislation limiting the time that breach notification may be delayed following a determination by law enforcement that providing notice will not compromise a criminal investigation. The provision, which will take effect 90 days after the close of the Legislature’s…
Prospects Gloomy for Texas Data Security Bill
Jim Rubenstein of Credit Union Times reports that it’s unlikely that the Texas legislature will pass an ambitious data security bill before the current legislative session ends on June 1. H.B. 345 and the companion S.B. 327 have support from the financial sector and the state’s Attorney General, but have been strongly opposed by retailers…
Pointer: European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs
The Privacy and Security Law Blog has a nice article by Hunton & Williams LLP on the new European Parliament position on data breach notification requirement for telecoms and ISPs. As the authors note, “For the first time in EU law the amendments [to the e-Privacy Directive] introduce a definition of “personal data breach” and…
E.U. to Consider More Stringent Reporting of Data Breaches
Kevin O’Brien of The New York Times reports: The European Commission said Tuesday that it would pursue a new law that would require most businesses, agencies and organizations in Europe to notify consumers when they lose sensitive customer data. Viviane Reding, the European telecommunications commissioner, said the commission, the executive arm of the European Union,…
Security groups cautious about data security and file sharing bills
Gautham Nagesh of Nextgov reports on testimony to Congress concerning two bills in the current session: H.R.2221 (Data Accountability and Trust Act) and H.R. 1319 (Informed P2P User Act). Some of the concerns raised about H.R. 2221: According to David Sohn, senior policy counsel for the Center for Democracy and Technology, most states have already…