From the tell-us-something-we-didn’t-know-already dept., Mark Gerlach reports: Although cyberattacks are becoming more prevalent, breach notification laws in the U.S. lack synergy, said the opening panelists at ALM’s Cybersecurity and Data Protection Legal Summit Tuesday morning at The Harvard Club in New York City. […] “I wouldn’t hold your breath for a national breach notification,” said…
Category: Federal
Italy: Garante introduces ‘progressive’ mandatory breach notification
DataGuidance reports: The Italian Data Protection Authority (Garante) issued, on 26 November 2014, its general resolution on biometrics (‘the Resolution’), which includes a new 24-hour data breach notification obligation. The requirement was introduced a means of balancing the new simplified rules on authorisation for use of biometrics which will no longer require the Garante’s prior…
Retailers are skirting data security issue, NAFCU, trades tell Congress
The National Association of Federal Credit Unions writes: Retailer groups’ data security arguments are “inaccurate and misleading” given their members “are not covered by any federal laws or regulations that require them to protect data and notify consumers when it is breached,” NAFCU and six other financial trades told House and Senate leaders Wednesday. “National…
Home Depot says 53 million more email addresses stolen; retailers urge Congress to pass data breach law
Reuters reports: Home Depot Inc, the world’s largest home improvement chain, said about 53 million more email addresses were taken during a recent breach of its payment data systems. […] Home Depot said the stolen files that contained the additional email addresses did not include passwords, payment card information or other sensitive personal information. Criminals…
Computer Fraud and Abuse Act No Help to Employer Suing Employee Who Took Proprietary Business Info
Michelle Hackim writes: An employer had no cause of action under the Computer Fraud and Abuse Act (“CFAA”) against an employee who accessed its computer systems to misappropriate confidential and proprietary business information to start a competing business, the U.S. District Court for the Southern District of Ohio has held. Cranel Inc. v. Pro Image Consultants…
Data Breach Notification Law Unlikely in 2014
One might somewhat pessimistically insert “and is unlikely in 2015… and 2016… and…” Eric Chabrow reports on how despite its importance and the number of massive data breaches reported in the past year, a federal data breach notification law is unlikely to pass this year. No surprise there, as he notes the gap between what businesses…