David E. Sanger and John Markoff report: Almost two years after outlining a broad strategy intended to strengthen the security of the nation’s computers and networks, the Obama administration said Thursday that it was sending proposed legislation to Congress that would strengthen penalties for any invasion of private computer systems. But the White House, in…
Category: Legislation
President’s cybersecurity agenda includes proposed federal data breach notification law
To cut to the chase: you can read the language of the proposed data breach notification law here. Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached. Other problems I see on a first…
NZ: Row brewing over privacy ‘crime’
Claire Rogers reports: A row is brewing over whether businesses should face criminal sanctions and fines if they fail to notify people of data breaches. The privacy commissioner is calling for notification of data breaches to be mandatory and for concealment to be made a crime. But Business New Zealand says criminal penalties would be…
Ca: Clement backs fines for data leaks
Sarah Schmidt reports: Industry Minister Tony Clement said Friday he’s open to the idea proposed by Canada’s privacy watchdog to give her the power to slap corporations with huge fines if they don’t protect the personal information of their customers. “I have not closed the door to it, but there would have to be additional…
Ca: Fines needed to help stem growing data breaches, Privacy Commissioner says
From the Office of the Privacy Commissioner of Canada: STRATFORD, Ontario, May 4, 2011 – An alarming trend of ever-bigger data breaches is prompting Privacy Commissioner Jennifer Stoddart to call for substantial fines against major corporations that fail to adequately protect Canadians’ personal information from preventable breaches. “I am deeply troubled by the large number…
California and Massachusetts Legislatures Push Data Breach and Security Bills
Jason C. Gavejian writes: In distinct efforts to strengthen data security requirements, the California and Massachusetts legislatures recently passed bills affecting data breach notification requirements and data security notification, respectively. On April 14, 2011, the California senate approved S.B. 24, requiring California businesses and agencies to notify the state attorney general if more than 500 California…