Commentaries and Analyses – Page 836

New Chinese Tort Liability Law Contains Provisions Affecting Personal Data

Posted on January 12, 2010 by Dissent

Hunton & Williams provide more details on the newly passed Chinese tort law: Certain of its provisions relate, expressly or in a general sense, to personal information. These provisions can cause data users to incur liability to data subjects for the mishandling of personal information. In particular: The law (at Articles 2 and 6) states…

Recovery firms may steal your data

Posted on January 11, 2010 by Dissent

Judi Hasson reports: […] A new survey finds that data-recovery services are responsible for a growing chunk of privacy breach incidents. It’s not really a surprise. An outside vendor contracted to repair your computer may not have the security mechanisms in place to prevent a theft. Or the company may have IT workers willing to…

Hacking Takes Lead as Top Cause of Data Breaches

Posted on January 9, 2010 by Dissent

Hacking has topped human error as the top cause of reported data breaches for the first time since such tracking began in 2007, according to the Identity Theft Resource Center’s 2009 Breach Report. In its report, titled “Data Breaches: The Insanity Continues,” the non-profit ITRC found that 19.5 percent of reported breaches were due to…

Ie: Revenue set up VIP unit (but don’t the little people deserve privacy too?)

Posted on January 9, 2010 by Dissent

TJ McIntyre writes: One recent story which didn’t attract as much attention as it should have was the revelation that the Revenue have set up a special VIP unit to minimise leaks of confidential information about public figures. This emerged with the publication of an audit by the Data Protection Commissioner which found significant weaknesses…

Heartland breach shows why compliance is not enough

Posted on January 6, 2010 by Dissent

Jaikumar Vijayan reports: […] The [Heartland] intrusion led to the “stark realization that passing a PCI security audit does not make a company secure,” said Avivah Litan, an analyst at research firm Gartner Inc. “This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face…

HHS wants contractor to test privacy of ‘anonymous’ data

Posted on January 5, 2010 by Dissent

Alice Lipowicz reports: Can personal medical data that has been stripped of its identifiers to protect privacy later be used to identify a specific person? That is the question that the Health and Human Services Department is hoping a research contractor can answer. HHS intends to hire a contractor to demonstrate either the “ability or…