Some topics are more than what Twitter can handle. The other day, I tweeted: If bills in Congress are enacted, this #databreach wouldn’t require notification: http://bit.ly/qeqRmR I think it should. I didn’t indicate why I think it should. Nevertheless, Jim Harper of Cato subsequently responded with his own tweet: Data breach notice is making its way…
Category: Commentaries and Analyses
Data-Breach Disclosures May Decline 50% Under Proposed Bills
Corporate disclosures of data breaches involving U.S. consumers’ personal information may fall by 50 percent under legislation before Congress. House and Senate lawmakers have introduced at least five data-security bills this year requiring businesses to notify customers of intrusions if there is a “reasonable risk” that personal data including credit-card and Social Security numbers may…
Shortened Breach Disclosure Periods Could Hurt Consumers
Ericka Chickowski writes: As the SAFE Data Act data breach law made its way to the House Energy and Commerce Committee after passing through the Subcommittee on Commerce, Manufacturing and Trade last week, security experts are wondering at the wisdom of a national data breach law that requires notification within 48 hours of a breach’s…
Without proper laws governing public disclosure of data security hacks, Canadians remain at risk.
Lawyer Jonathan Penney writes: Another day, another hack. Apple, Sony, Citigroup, and Lockheed Martin are just some of the big-name companies afflicted by recent cyber-security breaches. Canada has not been spared. Beyond the attacks on the federal Treasury and Finance Departments, Sony, Husky Energy, and Honda have all had Canadian branches or units compromised in…
Margarita’s Mexican Restaurant breach raises issues of law enforcement’s role in notifying the public (updated)
Brandon Scott reports that authorities have now named the source of a rash of card fraud reports in Huntsville, Texas. But what may be most significant about the news report is its focus on how law enforcement decided whether to – or when – reveal the point of compromise: … Huntsville Police Department, Walker County…
How Fast Is Fast Enough to Tell Customers About Data Breaches?
Sue Reisinger writes on Corporate Counsel: In financial data breaches, timing is almost everything. On June 13 a federal court held Comerica Bank liable for data breach losses even though it notified the customer and stopped all account activity within six hours. Two days later Citigroup Inc. was explaining why it took nearly a month…