New legislation governing data breaches and privacy issues is popping up in states across the country. Most recently, Connecticut, Vermont, and Illinois have enacted new laws in these areas. You can find a nice summary of the three new laws on CyberInquirer. Image credit: “Chessman” © Saimnadir | Dreamstime.com
Category: Commentaries and Analyses
UK: Tesco to be investigated over privacy concerns
Here’s an investigation that started after a tweet complaining about inadequate security. Mof Gimmers reports: Those exciting folks at The Information Commissioner’s Office are going to investigate Tesco over the way they protect the privacy of their customers online. The ICO probe comes on the back of claims from security experts who have a number…
Georgia Tax Return Preparer Pleads Guilty to Stolen Identity Refund Fraud Crimes
A tax return preparer from Macon, Ga., pleaded guilty Thursday to filing a false claim for tax refund, theft of government money and aggravated identity theft, the Justice Department and the Internal Revenue (IRS) announced. According to court documents, Willie C. Grant is a former tax return preparer who used many of his former clients’…
ABA: Lawyers Must Implement Reasonable Data Security for Client Information
Back on August 2, in response to yet another breach involving a law firm’s records, I wrote to the American Bar Association to ask what the ABA advised members in terms of disposal of records. I got a pro forma response that was totally non-responsive to the question I had posed to them. I wrote…
Defining Reasonable Security
Tracy Kitten writes: Last month, an appellate court in Boston reversed a lower court’s ruling that favored a bank in a legal dispute over a 2009 account takeover incident (see PATCO ACH Fraud Ruling Reversed.) Was that appellate ruling fair? Based on the security practices that most banking institutions used in 2009, probably not. The case…
OR: Hacking cases down, still a threat: by the numbers
Some interesting stats in a news report by Queenie Wong in the Statesman Journal: Cybersecurity by the Numbers Since 2009, state agencies have been required to report the number of suspicious information security incidents to the state’s Enterprise Security Office, which is part of the Department of Administrative Services. All incidents are not necessarily considered…