The Australian Privacy Foundation has submitted additional comments on proposed data breach notification regulations in Australia. You can read their supplement here. Not surprisingly, I remain in substantive agreement with their recommendations.
Category: Legislation
APF responds to AU’s data breach notification draft bill
The Australian Privacy Foundation has responded to Australia’s draft breach notification law. You can read their comments here. Not surprisingly, I agree with their concerns.
UT: Security breach bill passes the House
Antone Clark reports: State lawmakers are taking action to prevent another breach of sensitive data following the inadvertent release of almost 800,000 names in 2012. The House voted unanimously to approve legislation establishing guidelines for how information for Medicaid and CHIP recipients will be handled and also pushing the state to actively identify industry best…
Mandatory data breach notification law proposed in Canada
Nestor E. Arellano reports: With the Conservative government’s privacy reform bill sitting untouched after being introduced about two years ago, New Democractic Party MP Charmain Borg has introduced a private member’s bill that that would make it mandatory for organizations to report data breach incidents. Bill C-475, Borg’s proposed amendment to the federal Personal Information Protection and Electronics Document…
Bill advances to help prevent state data breaches
Sometimes the personal connection to a breach does get legislators off the dime. Lee Davidson reports: The wife of Sen. Stuart Reid, R-Ogden, was among 780,000 victims of a Utah health data security breach last March. On Wednesday, Reid passed through the Senate a bill designed to help prevent such breaches in the future. SB20,…
Cheng v. Romo and Applying Unauthorized Access Statutes to Use of Shared Passwords
Orin Kerr writes: The federal computer crime statutes punish unauthorized access to a computer. As regular readers know, courts are hopelessly divided on what this language means, and in particular what makes an access to a computer authorized versus unauthorized. In Cheng v. Romo, 2012 WL 6021369 (D. Mass. Nov. 28 2012), Judge Casper authored an…