Will Congress act on notification legislation?

Powered by SC Magazine
 

Nearly six months into the term of the 110th Congress, it's unclear whether significant federal breach notification legislation will be passed before the November 2008 general election, breach experts said today.

Milo Cividanes, a partner at Venable LLC., said today that with eight bills in either US House or Senate committee, it’s far from a done deal that a notification bill will be passed by January 2009.

"You would’ve thought that with all of the headlines in 2005," Congress would have passed notification legislation," Cividanes said, speaking at the International Association of Privacy Professionals’ Practical Privacy Series, held today in New York City.

It’s uncertain "whether we are going to get legislation out of this Congress, or whether [a notification law] would get bunched in with some other privacy legislation," he said. "It is not clear if Congress will bring relief to this area anytime soon."

Cividanes said it was also unclear how any new federal legislation would affect local breach notification laws. Thirty-eight jurisdictions, including states and territories, have passed such laws.

In recent years, especially since the landmark ChoicePoint breach of 2005, the prevention of data breaches has become an information security priority. The Privacy Rights Clearinghouse as estimated that breaches have compromised the personal information of more than 155 million Americans.

Meanwhile, William J. Cook, chairman of business continuity and security practices at Wildman, Harrold, Allen and Dixon LLP, urged businesses to use the US Secret Service and other federal agencies as resources in the event of a data breach — many of which are the result of routine thefts.

"Probably a laptop that was stolen was [stolen by] someone who has a drug problem, or it was just a smash and grab situation," he said, adding that victimisd companies should immediately investigate to see whether any regulations have been violated.

Cook also said that customer lawsuits following a breach would become more frequent.

"This is something that we’re going to have to live with for the foreseeable future," he said.

Will Congress act on notification legislation?
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Telcos finally briefed on data retention details
Update: AGD offers list of data to be stored.
 
Qld Health hires short-term CIO, CTO
Ray Brown leaves after five years at IT helm.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  67%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  7%
 
Insider threats
  11%
TOTAL VOTES: 557

Vote