Embedded in revisions to a proposed cybersecurity law are some provisions on mandatory breach notification. Richard Lardner reports: The chairman of the Senate Commerce, Science and Transportation Committee, Sen. Jay Rockefeller, D-W.Va., is adding a provision to cybersecurity legislation that would strengthen the reporting requirement. The SEC’s cybersecurity guidance issued in October is not mandatory. It was…
Category: Legislation
Old law puts school data at risk
Susan Palmer reports: An obscure state regulation — one that requires districts to keep student records for decades — is one reason several thousand Eugene School District students are at risk of having their Social Security numbers hijacked following a security breach of the district’s electronic records. School districts must retain student records for 75…
France’s New Breach Notification Requirements
Maryanne Stanganelli reports: On May 28, 2012, the French data protection regulator (CNIL) released new guidance on breach notification laws. The guidance regards a 2011 ordinance that recently came into force on April 1. Among other things, the ordinance amends existing French data protection law (Law on Information Technology and Liberties (78-17 of 1978)) to…
NAFCU Letter to Reps. Boehner and Pelosi on Cyber/Data Security
Via CUInsight, a letter that has some recommendations many readers might agree with: April 23, 2012 The Honorable John Boehner Speaker U.S. House of Representatives Washington, D.C. 20515 The Honorable Nancy Pelosi Minority Leader U.S. House of Representatives Washington, D.C. 20515 Re: Cyber Security and Data Security Dear Speaker Boehner and Minority Leader Pelosi:\ On…
Maryland legislature passes law to help prevent child identity theft
Maryland lawmakers have approved a first-of-its-kind measure to enable parents to protect their children from having their credit damaged by identity theft. The measure, which a spokeswoman for Gov. Martin O’Malley says he is likely to sign, will allow parents to take the step of freezing their child’s credit at any time. Read more from…
Senate in search of consensus on data breach notification law may try a backdoor approach
Tony Romm writes: Congress failed to pass a new federal law last year requiring the litany of companies affected by data breaches — from gaming giant Sony to shoe e-tailer Zappos — to notify consumers. But now some lawmakers believe they have a new route for passage: the Senate’s upcoming cybersecurity reform bill. Read more…