Voluntary breach reporting doesn’t seem to be working too well in Australia. Michael Lee of ZDNet in Australia, reporting on a new annual report by the Office of the Australian Information Commissioner, notes: The OAIC also received, separately, 56 voluntary data breach notifications, representing a 21 per cent increase from the previous financial year. Somehow…
Category: Commentaries and Analyses
Would a federal data breach law really be too costly for the private sector?
Are you curious about the cost of a data breach notification law? Here’s the analysis of S. 1151, the Personal Data Privacy and Security Act of 2011, proposed by Senator Leahy. It appears that the biggest added cost to the private sector would be on improving security and not from breach notification since 46 states already…
In Hannaford Data Breach Case, First Circuit Says Card Replacement and ID Theft Insurance are Reasonable Mitigation Damages and Compensable–Anderson v. Hannaford Bros.
I’ve been reading a number of analyses and commentaries on the First Circuit’s ruling in the Hannaford Bros data breach case. While some people have described the ruling as a “potential game-changer,” Venkat Balasubramani provides a less optimistic analysis of what the decision may portend. As a recap, most of the plaintiffs’ claims have been…
Survey says: Data Breaches Can Cause Lasting and Costly Damage to the Reputation of Affected Organizations
Reports of data breaches affecting some of today’s largest companies continue to grab the headlines of prominent news outlets nationwide. The damage experienced by a company after a data breach has lasting negative effects on brand equity and reputation. In fact, a recent survey* of nearly 850 executives, conducted by the Ponemon Institute and sponsored…
Ignored Skype flaw enables hackers to steal sensitive user details
Steven Mostyn reports: What’s not to like about Skype? It spans the world, it enables us to chat instantly with friends and family, it supports video communication, and it’s completely free. What’s not to like? Well, how about the potential for having your computer’s security compromised because Skype can allow nefarious online criminals to access…
Federal Appeals Court Holds Identity Theft Insurance/Credit Monitoring Costs Constitute “Damages” in Hannaford Breach Case
I posted something on this decision earlier today, but David Navetta has such a helpful analysis of the ruling that I wanted to mention it here. His commentary begins: In a significant development that could materially increase the liability risk associated with payment card security breaches (and personal data security breaches, in general), the U.S. Court…