Antone Clark reports: State lawmakers are taking action to prevent another breach of sensitive data following the inadvertent release of almost 800,000 names in 2012. The House voted unanimously to approve legislation establishing guidelines for how information for Medicaid and CHIP recipients will be handled and also pushing the state to actively identify industry best…
Category: Legislation
Mandatory data breach notification law proposed in Canada
Nestor E. Arellano reports: With the Conservative government’s privacy reform bill sitting untouched after being introduced about two years ago, New Democractic Party MP Charmain Borg has introduced a private member’s bill that that would make it mandatory for organizations to report data breach incidents. Bill C-475, Borg’s proposed amendment to the federal Personal Information Protection and Electronics Document…
Bill advances to help prevent state data breaches
Sometimes the personal connection to a breach does get legislators off the dime. Lee Davidson reports: The wife of Sen. Stuart Reid, R-Ogden, was among 780,000 victims of a Utah health data security breach last March. On Wednesday, Reid passed through the Senate a bill designed to help prevent such breaches in the future. SB20,…
Cheng v. Romo and Applying Unauthorized Access Statutes to Use of Shared Passwords
Orin Kerr writes: The federal computer crime statutes punish unauthorized access to a computer. As regular readers know, courts are hopelessly divided on what this language means, and in particular what makes an access to a computer authorized versus unauthorized. In Cheng v. Romo, 2012 WL 6021369 (D. Mass. Nov. 28 2012), Judge Casper authored an…
Recent Developments — Both in the Courts and in Congress — on the Scope of the Computer Fraud and Abuse Act
Orin Kerr writes: I’ve blogged a lot on the scope of the Computer Fraud and Abuse Act, and specifically on whether using a computer in violation of a computer use policy or Terms of Service is a federal crime. I’ve been banging the drum urging courts to adopt a narrow interpretations of the Act for a decade,…
Latest Data Breach Notification Bill Won’t Go Far
Eduard Goodman of Identity Theft 911 dissects the data breach notification bill introduced last month by Rep. Toomey and finds it seriously wanting: The latest bill to address the problem of data breaches is just one of an increasingly long line of proposed federal breach notice regulations with little to no chance of becoming law…