Charles Duncan reports: Cayman’s financial institutions face the same threats as any other financial centers around the globe, but local cybersecurity experts say people in Cayman may never find out if their personal information is stolen from a local bank. Banking regulations in Cayman don’t require banks to tell customers if their data has been…
Category: Federal
National Notification Law Unlikely
From the tell-us-something-we-didn’t-know-already dept., Mark Gerlach reports: Although cyberattacks are becoming more prevalent, breach notification laws in the U.S. lack synergy, said the opening panelists at ALM’s Cybersecurity and Data Protection Legal Summit Tuesday morning at The Harvard Club in New York City. […] “I wouldn’t hold your breath for a national breach notification,” said…
Italy: Garante introduces ‘progressive’ mandatory breach notification
DataGuidance reports: The Italian Data Protection Authority (Garante) issued, on 26 November 2014, its general resolution on biometrics (‘the Resolution’), which includes a new 24-hour data breach notification obligation. The requirement was introduced a means of balancing the new simplified rules on authorisation for use of biometrics which will no longer require the Garante’s prior…
Retailers are skirting data security issue, NAFCU, trades tell Congress
The National Association of Federal Credit Unions writes: Retailer groups’ data security arguments are “inaccurate and misleading” given their members “are not covered by any federal laws or regulations that require them to protect data and notify consumers when it is breached,” NAFCU and six other financial trades told House and Senate leaders Wednesday. “National…
Home Depot says 53 million more email addresses stolen; retailers urge Congress to pass data breach law
Reuters reports: Home Depot Inc, the world’s largest home improvement chain, said about 53 million more email addresses were taken during a recent breach of its payment data systems. […] Home Depot said the stolen files that contained the additional email addresses did not include passwords, payment card information or other sensitive personal information. Criminals…
Computer Fraud and Abuse Act No Help to Employer Suing Employee Who Took Proprietary Business Info
Michelle Hackim writes: An employer had no cause of action under the Computer Fraud and Abuse Act (“CFAA”) against an employee who accessed its computer systems to misappropriate confidential and proprietary business information to start a competing business, the U.S. District Court for the Southern District of Ohio has held. Cranel Inc. v. Pro Image Consultants…