Commentaries and Analyses – Page 827

Information and Privacy Commissioner issues his decisions about the Epsilon data breach that affected Best Buy and Air Miles

Posted on May 20, 2011 by Dissent

From the press release: The Information and Privacy Commissioner of Alberta, Frank Work issued his decisions today in regard to Best Buy Canada Ltd., and Air Miles Reward Program’s breach incident reports involving unauthorized access to personal information. Amendments to the Personal Information Protection Act (PIPA) require organizations to report incidents where there exists a…

Breach Notification Proposal Lacks Teeth

Posted on May 17, 2011 by Dissent

Clearly I’m not the only one who was unimpressed with the Obama administration’s plan for a federal data breach notification law. Tracy Kitten reports: The Obama administration’s plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, critics say. Read more on BankInfoSecurity.com.

(Follow-up, update, and correction)

Posted on May 17, 2011 by Dissent

Editor’s Note: the content of the blog entry that originally appeared on May 17, 2011 has been deleted on August 30, 2012 after it was brought to this site’s attention that the original source had removed their story and that it may not have been accurate. That’s the second time a news story from NDTV…

AU: How security chief’s bank details leaked

Posted on May 16, 2011 by Dissent

Ben Grubb reports: Security firm Symantec’s Australian chief has revealed how his personal credit card details were leaked by a Melbourne restaurant, which he said highlighted the need for mandatory privacy breach notification laws. […] Scroggie’s credit card data was leaked via email when a Melbourne restaurant at which he was a member attempted to…

Is Sony getting a bad rap on its data breach?

Posted on May 14, 2011 by Dissent

There may be a lot of justifiable criticism of Sony in terms of security, but as I’ve commented previously on this blog, I don’t think “delayed notification” when they discovered they were breached was one of their sins. Robert McMillan reports: Sony didn’t show up for last week’s Capitol Hill hearing on its massive data…

President’s cybersecurity agenda includes proposed federal data breach notification law

Posted on May 12, 2011 by Dissent

To cut to the chase: you can read the language of the proposed data breach notification law here. Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached. Other problems I see on a first…