Tanya Forsheit reports: As we noted earlier this week, Massachusetts indicated late last week it would issue its last round of amendments to its data security regulations scheduled to take effect March 1, 2010, 201 CMR 17.00. The last round of amendments are not particularly significant, although it is worth noting that, contrary to the…
Category: Legislation
Accountants Want Out from New Identity Theft Rules, Just Like Lawyers
Jordan Weissmann writes: Fresh off the American Bar Association’s success fending off the application of new anti-identity theft regulations to lawyers, a trade group representing certified public accountants has filed its own lawsuit over the rules. The American Institute of Certified Public Accountants, represented by Fried, Frank, Harris, Shriver & Jacobson partners Daniel Loeb and…
Federal Data Security Law: ‘Careful What You Wish For’
Bill Brenner writes: A federal cybersecurity law edged closer to reality late last week when the Senate Judiciary Committee approved a bill to protect the personal data of Americans. The bill is a bipartisan effort sponsored by Chairman Patrick Leahy, D-Vt., and co-sponsored by former Chairman Orrin Hatch, R-Utah, that would, among other things, force…
Senate Panel Clears Data Breach Bills
Eric Chabrow reports: The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration. The Personal Data Privacy and Security Act, or S. 1490, designates as fraud unauthorized access of sensitive…
EU: Telcos’ data breach notification amendment is passed
From Out-Law.com: The European Council has approved a data breach notification rule for Europe’s telecoms firms. The amendment to an EU Directive will force telcos to tell customers if they lose their data. The European Parliament and Commission have already approved the amendments, which will become law after it has been published in the EU’s…
FTC extends enforcement deadline for Red Flags rule to 2010
From the why-am-I-not-surprised dept: At the request of Members of Congress, the Federal Trade Commission is delaying enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC. The Rule was promulgated under the Fair and Accurate Credit Transactions Act, in which Congress directed the…