Elaine Edwards reports: A code of practice that would have forced organisations to report cases where personal data was stolen or compromised cannot be enforced because it was not put before the Oireachtas prior to the dissolution of the last Dáil. Data Protection Commissioner Billy Hawkes approved the code last year to help organisations to…
Category: Legislation
States Jump Into the Security Breach Breach
Wayne Josel and Cindy Lo write: As discussed in our recent webinar “Whose Data Is It Anyway: Privacy in the De-Centralized Digital World”, currently there is no comprehensive federal statutory scheme to govern the protection of privacy. While lawmakers and agencies at the federal level continue to grapple with developing useful legislation to address privacy…
Congress Has The Sense It Should Enact A Comprehensive Data Security Law
Joseph Lazzarotti writes: Together with some other U.S. Senators who have offered data security laws in recent years, Senate Majority Leader Harry Reid introduced S.21 on January 25. The bill, a “sense of Congress” bill, urges the passage of a comprehensive law to address cybersecurity, without making any changes to current law. This bill is important in that it…
California Legislature to take up data breach notification proposal
A new year, a new governor, the same old problem and perhaps the same solution. State Sen. Joe Simitian, D-Palo Alto, has introduced a bill that he says will enhance consumer privacy protection by strengthening the notification requirements when databases of personal information are compromised. It’s the same bill that the Legislature passed last year…
Today’s Award for the Silliest Theory of the Computer Fraud and Abuse Act
Orin Kerr, a law professor and former attorney in the DOJ who worked in the computer crimes division, has a commentary on a lawsuit involving CFAA claims that’s interesting in terms of defining the scope of what the Computer Fraud and Abuse covers – and shouldn’t cover: Today’s Award for the Silliest Theory of the…
New report: Data Breach Notifications in Europe
The EU’s ‘cyber security’ Agency ENISA, (the European Network and Information Security Agency) has today issued a report on Data Breach Notifications. The EU data breach notification (DBN) requirement for the electronic communications sector in the ePrivacy Directive (2002/58/EC) is vital to increase in the long term the level of data security in Europe. The…