Julian Hattem reports: Lawmakers in the Senate are unveiling a new data security bill that aims to protect consumers from having their identities stolen or being harmed by fraud. Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.) said that recent data breaches at major U.S. retailers have highlighted the need for added standards to protect…
Category: Federal
House passes bill to require data breach notification for breaches involving Healthcare.gov and state exchanges
Pete Kasperowicz reports: The House passed the Health Exchange Security and Transparency Act, H.R. 3811, in a 291-122 vote. Sixty-seven Democrats voted for the bill, ignoring arguments from party leaders that the bill was a “messaging” vote meant to discourage people from signing up for insurance. The one-sentence bill says that no later than two…
House Plans Vote On Security Requirements For Health Insurance Exchange
Kaiser Health News has a roundup of media coverage on the GOP’s intention to propose legislation requiring more security controls for HealthCare.gov. If you’re a supporter of Obamacare, you’ll likely see this as a move to undercut it. But even if you’re a supporter of Obamacare, is there any merit to the proposal? This may…
Exiting CTO who copied source code and company files wins dismissal of CFAA claim; Thoughts on the CFAA post-Nosal
Justin P. Webb writes: Viral Tolat, ex-CTO of Integral Development Company, is accused by his former company of copying gigabytes of source code and confidential files on his way out the door to a position with another company. He copied the source code to multiple places and uploaded some of the data to his personal Google Docs…
This hacker might seem shady, but throwing him in jail is bad for everyone
Timothy B. Lee writes: On Friday, the U.S. government filed its brief in the appeal of Andrew “Weev” Auernheimer, who was convicted of federal hacking charges for downloading hundreds of thousands of customer e-mail addresses from AT&T’s Web site. The government says the conviction was proper, but many security researchers and civil liberties advocates argue that the…
Mandatory Data Breach Notice Bill Stalls As Canadian Parliament Session Closed
Peter Menyasz reports: The Canadian government’s Sept. 13 decision to end the Parliament’s legislative session has at least temporarily blocked passage of proposed amendments (Bill C-12) to Canada’s framework federal privacy law that would have introduced a limited mandatory data breach notification requirement. A new parliamentary session is scheduled to start Oct. 16, and the…