Commentaries and Analyses – Page 791

President’s cybersecurity agenda includes proposed federal data breach notification law

Posted on May 12, 2011 by Dissent

To cut to the chase: you can read the language of the proposed data breach notification law here. Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached. Other problems I see on a first…

Catch a clue from an EDU: Universities that get security right

Posted on May 10, 2011 by Dissent

Mary K. Pratt reports: Professor Corey Schou was working in his school’s library when he realized his computer was picking up a particularly strong Wi-Fi signal. Normally that would be welcome news. But Schou knew that spot was usually a dead zone, which meant something was probably amiss. So Schou, a professor of informatics at…

Sony Declines to Testify at Congressional Hearing

Posted on May 2, 2011 by Dissent

Nick Bilton reports: Sony has declined to testify at a Congressional hearing on Wednesday, “The Threat of Data Theft to American Consumers,” that seeks to understand how consumers’ private data is protected by corporations. […] The subcommittee sent a letter to Sony on Friday asking the company to answer a number of questions related to the…

Customers Stay Despite High-Profile Data Breaches

Posted on May 1, 2011 by Dissent

Jordan Robertson of Associated Press writes: Week after week, thieves break into corporate computer systems to steal customer lists, email addresses and credit card numbers. Large data breaches get overshadowed by even larger ones. Yet people are turning over personal information to online retailers, social networks and other services in growing numbers. The point at…

Ninth Circuit Holds That Violating Any Employer Restriction on Computer Use “Exceeds Authorized Access” (Making It a Federal Crime)

Posted on April 29, 2011 by Dissent

Orin Kerr writes: I had though the world was safe from the nuttiness of the Justice Department’s broad theories of the Computer Fraud and Abuse Act in the Lori Drew case. Not so. Readers may recall I once blogged about a similar case, United States v. Nosal, that raised similar issues in the context of an employee…

Defending the Digital Gates: Universities and Cyber Security

Posted on April 28, 2011 by Dissent

Kevin Lizarazo writes: More than a year and a half ago, in a computer lab in Stony Brook University, Peter Yeh and his friend sat down at their terminals with one goal: to hack into a computer system. The target was the school’s SOLAR System, a web-based service for students and faculty to manage their…