Will Congress act on notification legislation?

Powered by SC Magazine
 

Nearly six months into the term of the 110th Congress, it's unclear whether significant federal breach notification legislation will be passed before the November 2008 general election, breach experts said today.

Milo Cividanes, a partner at Venable LLC., said today that with eight bills in either US House or Senate committee, it’s far from a done deal that a notification bill will be passed by January 2009.

"You would’ve thought that with all of the headlines in 2005," Congress would have passed notification legislation," Cividanes said, speaking at the International Association of Privacy Professionals’ Practical Privacy Series, held today in New York City.

It’s uncertain "whether we are going to get legislation out of this Congress, or whether [a notification law] would get bunched in with some other privacy legislation," he said. "It is not clear if Congress will bring relief to this area anytime soon."

Cividanes said it was also unclear how any new federal legislation would affect local breach notification laws. Thirty-eight jurisdictions, including states and territories, have passed such laws.

In recent years, especially since the landmark ChoicePoint breach of 2005, the prevention of data breaches has become an information security priority. The Privacy Rights Clearinghouse as estimated that breaches have compromised the personal information of more than 155 million Americans.

Meanwhile, William J. Cook, chairman of business continuity and security practices at Wildman, Harrold, Allen and Dixon LLP, urged businesses to use the US Secret Service and other federal agencies as resources in the event of a data breach — many of which are the result of routine thefts.

"Probably a laptop that was stolen was [stolen by] someone who has a drug problem, or it was just a smash and grab situation," he said, adding that victimisd companies should immediately investigate to see whether any regulations have been violated.

Cook also said that customer lawsuits following a breach would become more frequent.

"This is something that we’re going to have to live with for the foreseeable future," he said.

Will Congress act on notification legislation?
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1883

Vote
Do you support the abolition of the Office of the Information Commissioner?