Robert Pear reports that although the federal government already prohibits private insurers using Social Security numbers on insurance cards when they provide benefits under contract with Medicare, Medicare itself has continued to issue new Medicare cards with Social Security numbers imprinted on them. And as anyone who hasn’t been asleep through the past decade knows, that’s been a recipe…
Category: Federal
New bill would protect security research hacking
Cory Bennett reports: Sen. Ron Wyden (D-Ore.) and Rep. Jared Polis (D-Colo.) introduced a bill Thursday that would exempt responsible hacking from prosecution under existing copyright law. The security and academic community has long worried they could face legal action for basic research, which often involves examining computer networks in a way that may technically run afoul…
FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair
Katherine Gasztonyi writes: On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act…
House Dem to introduce separate data breach bill
Elise Viebeck reports: A co-chairman of the House Cybersecurity Caucus is planning to introduce a data breach bill that would not create federal security standards for private companies. Rep. Jim Langevin (D-R.I.) announced that he will release two cyber-related measures on Thursday: one to require companies to disclose data breaches to affected customers within 30…
Allegations of Indirect Access Held Insufficient To State Claim Under CFAA – Court
David J. Clark of Epstein Becker & Green, P.C., writes: On March 20, 2015, a California federal court rejected an expansive reading of the Computer Fraud and Abuse Act (“CFAA”) urged by two plaintiff corporations that sought to hold a competitor and two of its directors liable under the CFAA, under an agency theory, for the actions…
Criminalizing the Overseas Sale of Stolen U.S. Financial Information
I’ve been posting some of the U.S. Department of Justice’s attempts to justify their proposed amendments to cybersecurity laws. Here’s how the most recent post in their series begins: In the last of our series on the need for limited updates to laws enhancing cybersecurity while protecting individual rights, this post will describe a proposal that is geared…