To cut to the chase: you can read the language of the proposed data breach notification law here. Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached. Other problems I see on a first…
Category: Federal
NZ: Row brewing over privacy ‘crime’
Claire Rogers reports: A row is brewing over whether businesses should face criminal sanctions and fines if they fail to notify people of data breaches. The privacy commissioner is calling for notification of data breaches to be mandatory and for concealment to be made a crime. But Business New Zealand says criminal penalties would be…
Ca: Clement backs fines for data leaks
Sarah Schmidt reports: Industry Minister Tony Clement said Friday he’s open to the idea proposed by Canada’s privacy watchdog to give her the power to slap corporations with huge fines if they don’t protect the personal information of their customers. “I have not closed the door to it, but there would have to be additional…
Ca: Fines needed to help stem growing data breaches, Privacy Commissioner says
From the Office of the Privacy Commissioner of Canada: STRATFORD, Ontario, May 4, 2011 – An alarming trend of ever-bigger data breaches is prompting Privacy Commissioner Jennifer Stoddart to call for substantial fines against major corporations that fail to adequately protect Canadians’ personal information from preventable breaches. “I am deeply troubled by the large number…
Ninth Circuit Holds That Violating Any Employer Restriction on Computer Use “Exceeds Authorized Access” (Making It a Federal Crime)
Orin Kerr writes: I had though the world was safe from the nuttiness of the Justice Department’s broad theories of the Computer Fraud and Abuse Act in the Lori Drew case. Not so. Readers may recall I once blogged about a similar case, United States v. Nosal, that raised similar issues in the context of an employee…
Sens. Franken, Blumenthal Ask Justice Department to Clarify, Enforce Data Privacy Law
Yesterday, U.S. Sens. Al Franken (D-Minn.) and Richard Blumenthal (D-Conn.) asked the U.S. Department of Justice (DOJ) to clarify its interpretation of a critical federal law that protects the private and personal data of Americans. Recently, servers owned by Epsilon Data Management were hacked, exposing the names and e-mail addresses of millions of American consumers….