I just shook my head yesterday when I heard about a proposed law in Minnesota that would require breach notification within 48 hours of discovery, the offer of free credit monitoring for one year, and golly gee, a $100 gift card that would be valid for one year if the breached entity was a retailer. Apparently I…
Category: Commentaries and Analyses
Comparison of Five Data-Breach Bills Currently Pending in the Senate
Meena Harris writes: Data security continues to be a hot issue on Capitol Hill, and just yesterday Attorney General Eric Holder urged Congress to create a “strong, national standard” for quickly reporting data breaches to consumers. Democratic and Republican senators have been busy drafting legislation that would establish national requirements for data security and breach notice. The following bills…
Payment Card Breaches: Time to Spread the Risk with Mandatory Cyber Insurance
David Navetta writes: The BIG 2014 security stories concerning the Target, Neiman Marcus and Michaels payment card breaches of have highlighted the significant criminal hacking and fraudulent payment card activity that goes on in the retail space. Of course, it was not so long ago that the Heartland Payment Systems breach (2008; 100 million cards exposed) and the TJX breach in (2007; 45 million card exposed)…
IRS Criminal Investigation issues annual report
The Internal Revenue Service today announced the release of its IRS Criminal Investigation (CI) Annual Report for fiscal year 2013, reflecting significant increases in enforcement actions against tax criminals and a robust rise in convictions, including identity theft. CI investigates potential criminal violations of the Internal Revenue Code and related financial crimes in a manner…
LifeLock addresses FTC complaint; more from CEO Todd Davis
Hayley Ringle reports: My hour-long interview last week with LifeLock CEO and chairman Todd Davis covered a lot of ground in the Phoenix Business Journal’s inaugural “Inside the Reporter’s Notebook” event. But there were some extra questions I didn’t get a chance to ask, including some about a pending FTC investigation I just learned about. Davis, who co-founded the Tempe-based identity theft protection company…
Thesis on data breach disclosure wins XS4All prize
Telecompaper reports: Dutch ISP XS4ALL and the law firm Brinkhof have awarded their annual Internet Thesis prize to a masters student researching required disclosure of data breaches. The research found that any such legal requirement would likely not meet its objectives. The thesis was based on the number of disclosures in the US before and…