Commentaries and Analyses – Page 854

Pointer: European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs

Posted on May 12, 2009 by Dissent

The Privacy and Security Law Blog has a nice article by Hunton & Williams LLP on the new European Parliament position on data breach notification requirement for telecoms and ISPs. As the authors note, “For the first time in EU law the amendments [to the e-Privacy Directive] introduce a definition of “personal data breach” and…

Security groups cautious about data security and file sharing bills

Posted on May 5, 2009 by Dissent

Gautham Nagesh of Nextgov reports on testimony to Congress concerning two bills in the current session: H.R.2221 (Data Accountability and Trust Act) and H.R. 1319 (Informed P2P User Act). Some of the concerns raised about H.R. 2221: According to David Sohn, senior policy counsel for the Center for Democracy and Technology, most states have already…

Data Breach Notification Law Across the World from California to Australia

Posted on April 18, 2009 by Dissent

Alana Maurushat of University of New South Wales has published a review and comparison that is available online at bepress.com in pdf format. The abstract: Data breach notification and disclosure laws are emerging around the globe. The following article and table examine the specifics of data breach notification frameworks in multiple jurisdictions. Over the year…

FTC Publishes Proposed Breach Notification Rule for Electronic Health Information

Posted on April 16, 2009 by Dissent

From the FTC: The Federal Trade Commission today announced that it has approved a Federal Register notice seeking public comment on a proposed rule that would require entities to notify consumers when the security of their electronic health information is breached. The American Recovery and Reinvestment Act of 2009 (the Recovery Act) includes provisions to…

Pointer: Visa Suspends Heartland: A Little Revisionist History?

Posted on March 14, 2009 by Dissent

Over on StorefrontBacktalk, Evan Schuman has some sharp and thought-provoking commentary on Visa’s suspension of Heartland’s and RBS’s approved status and assertions that “no compromised entity has been found to be [PCI] compliant at the time of the breach.”

Pointer: State Laws Require Secure Personal Data

Posted on March 10, 2009 by Dissent

Nick Akerman and Melissa J. Krasnow have an article in The National Law Journal: Connecticut, Massachusetts and Nevada recently enacted laws requiring businesses to institute certain compliance measures to secure personal information that can be used to perpetrate identity theft. The Massachusetts law applies to a business located anywhere in the United States that stores…