[Dataloss] [vanderaj at greebo.net: SF new column announcement:Strict liability for data breaches?]
Mike Fratto
mfratto at gmail.com
Wed Feb 22 12:21:21 EST 2006
On 2/21/06, MariaParedes at financial.wellsfargo.com
<MariaParedes at financial.wellsfargo.com> wrote:
> I completely agree on having the IT community provide input on the technical aspects for each of those acts.
So it sounds like there are enough people on this list with an
interest in making or seeing change. Well, let's do something about
it. It your and my data that is at risk. We know what works with orgs,
hit them in the wallet or at least threaten to.
Let me express my ignorance on the US political machine, but how do
you go about effecting change in existing regulations or getting new
ones enacted? I haven't heard boo from Congress about a federal
notification law (though there are several state ones) so I don't know
what the status is there, but I would like to see stiff penalties both
civil and criminal for PII data loss and I would like to see existing
regulations changed or new ones enacted that provides more clear
guidance about required security functionality.
mike
More information about the Dataloss
mailing list