The Australian Privacy Foundation has responded to Australia’s draft breach notification law. You can read their comments here. Not surprisingly, I agree with their concerns.
Category: Federal
Attacks ‘highlight need for data breach notification law’
Paul Smith reports: The Australian Bankers Association has defended the strength of IT security processes in place across Australia’s banking system following the revelation that Reserve Bank of Australia systems had been compromised by China-based hackers. However, security experts said the incident highlighted the need for Australian data breach notification laws to be tightened to force…
Crowd-sourcing an idea for a law
Thanks to partisan politics and intensive industry lobbying, we have no strong federal breach notification law. This, of course, is not news to my readers. But in light of (1) Congress’s current interest in cybersecurity and sharing of information, (2) the fact that up to 40% of breaches are first detected by members of the…
Minnesota resident sues state agency and employee over breach involving driver’s license database
A Minnesota resident, Jeffrey Ness, has filed a potential class action lawsuit against the state’s Department of Natural Resources (DNR) and Department of Public Safety after a DNR employee exceeded authorized access and accessed about 5,000 residents’ driver’s license information. The employee was terminated but the motive for the improper access was not disclosed. In the lawsuit filed…
Cheng v. Romo and Applying Unauthorized Access Statutes to Use of Shared Passwords
Orin Kerr writes: The federal computer crime statutes punish unauthorized access to a computer. As regular readers know, courts are hopelessly divided on what this language means, and in particular what makes an access to a computer authorized versus unauthorized. In Cheng v. Romo, 2012 WL 6021369 (D. Mass. Nov. 28 2012), Judge Casper authored an…
Dutch government seeks to let law enforcement hack foreign computers
Lucian Constantin reports: The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations. In a letter that was sent to the lower house of the Dutch parliament on Monday, the Dutch Minister of Security and…