Craig Hoffman writes: So far this month, three legislative proposals containing a national data breach notification requirement have been issued. On May 4, Rep. Bobby L. Rush (D-Ill.) reintroduced the Data Accountability and Trust Act. On May 11, Rep. Cliff Stearns (R-Fla.) introduced the Data Accountability and Trust Act (DATA) of 2011. One day later, the White…
Category: Federal
Breach Notification Proposal Lacks Teeth
Clearly I’m not the only one who was unimpressed with the Obama administration’s plan for a federal data breach notification law. Tracy Kitten reports: The Obama administration’s plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, critics say. Read more on BankInfoSecurity.com.
AU: How security chief’s bank details leaked
Ben Grubb reports: Security firm Symantec’s Australian chief has revealed how his personal credit card details were leaked by a Melbourne restaurant, which he said highlighted the need for mandatory privacy breach notification laws. […] Scroggie’s credit card data was leaked via email when a Melbourne restaurant at which he was a member attempted to…
White House Wants Tougher Penalties for Computer Breaches
David E. Sanger and John Markoff report: Almost two years after outlining a broad strategy intended to strengthen the security of the nation’s computers and networks, the Obama administration said Thursday that it was sending proposed legislation to Congress that would strengthen penalties for any invasion of private computer systems. But the White House, in…
President’s cybersecurity agenda includes proposed federal data breach notification law
To cut to the chase: you can read the language of the proposed data breach notification law here. Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached. Other problems I see on a first…
NZ: Row brewing over privacy ‘crime’
Claire Rogers reports: A row is brewing over whether businesses should face criminal sanctions and fines if they fail to notify people of data breaches. The privacy commissioner is calling for notification of data breaches to be mandatory and for concealment to be made a crime. But Business New Zealand says criminal penalties would be…