Darren Pauli reports: US Senate and House committee members are confident twin security bills will be passed in the coming weeks, making serious inroads into the perennial failure that is cyber security information sharing. The bipartisan bills would offer liability protection to organisations who supply de-anonymised security threat information with the US government. The Protecting…
Category: Federal
Australian data breach notification laws will not be passed in 2015: Brandis
Yes, let’s enact mandatory data retention laws without any companion protections or data breach notification requirements. Way to go, Australia! Chris Duckett reports: Despite the Joint Parliamentary Committee on Intelligence and Security recommending that Australia have data breach notification laws in place before the end of 2015, Australian Attorney-General George Brandis told the Senate on Tuesday that…
Senator Sheldon Whitehouse Wants to Make the Computer Fraud and Abuse Act Even Easier to Abuse
If you’re a security researcher, you’ll definitely want to read this. Nadia Kayyali writes: This summer, Senator Sheldon Whitehouse introduced an amendment to the flawed Cyber Information Sharing Act (CISA) that would make it even worse, by expanding the broken Computer Fraud and Abuse Act (CFAA). EFF has proposed common sense changes to this federal anti-hacking law, many of which were included in “Aaron’s…
Burning Down The House – The Wyndham Decision Allows The FTC To Sue Businesses For Getting Hacked
Avery Dial and Rory Eric Jurman of Fowler White Burnett, P.A., write: As it is commonly understood, the Great Fire of London spawned two fixtures of the modern world: advancements in firefighting and property insurance. The risk of fire was seen as a threat to society as a whole and mechanisms to mitigate that risk…
Wyndham Case May Mean Uncertainty for New Payment Providers
Kery Murakami reports: Wyndham Hotels & Resorts LLC’s appeal of a Federal Trade Commission (FTC) complaint against the hotel chain for alleged lax data protection practices is being watched closely by banking officials who say it could lead to uncertainty over cybersecurity regulations for emerging technologies such as mobile wallets and digital payments. The case…
What You Need to Know About Germany’s Cybersecurity Law
Monika Kuschewsky writes: Whilst the discussions on the proposed Network and Information Security (NIS) Directive at European level are still ongoing (see Update on the Cybersecurity Directive − over to Luxembourg?, InsidePrivacy, June 12, 2015), less has been said about Germany new national Act to Increase the Security of Information Technology Systems (the “IT Security Law”). The IT…