Ralph C. Losey of Jackson Lewis writes: The Computer Fraud and Abuse Act (“CFAA”) is an anti-hacker statute that prohibits unauthorized access, or the exceeding of authorized access, of computers connected to interstate commerce. 18 U.S.C. § 1030. Violators are subject to both criminal and civil liability. Employers have long taken advantage of the CFAA’s civil remedies to “sue former employees…
Category: Federal
Did the CIA Violate the Computer Fraud and Abuse Act by Accessing Intelligence Committee Computers?
Orin Kerr writes: Senator Feinstein recently claimed that the CIA may have violated the federal computer hacking statute, the Computer Fraud and Abuse Act, by searching computers used by the Intelligence Committee to conduct CIA oversight. Based on the facts we know so far, I’m skeptical of the claim that the CIA violated the statute. This post…
No consensus on notifying victims of data breaches, but I have a few thoughts
Eric Tucker of Associated Press reports: The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard. Most states have laws that require retailers to disclose data breaches, but the laws vary wildly….
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…
KR: Standing committee passes ‘Privacy Act’ to beef up regulations on personal data
Connie reports: To strengthen regulations on protecting personal information following a recent data leak by credit card companies here in Korea a new privacy protection bill is moving through the National Assembly. The bill, passed Wednesday by the Security and Public Administration standing committee, would require financial institutions and other public companies to use encrypted…
Attorney General seeks national standard to protect against identity theft
Peter Cooney reports: Attorney General Eric Holder, citing the recent massive data theft at retailer Target Corp, urged Congress on Monday to enact a national standard for notifying consumers about such breaches. “This would empower the American people to protect themselves if they are at risk of identity theft,” Holder said in a statement urging…