[Dataloss] Analysis: Data breach notification law unlikely this year
lyger
lyger at attrition.org
Fri May 5 12:24:50 EDT 2006
http://computerworld.com/securitytopics/security/story/0,10801,111197,00.html
News Story by Grant Gross
MAY 05, 2006 (IDG NEWS SERVICE) - In the wake of a series of data breaches
in early 2005, the U.S. Congress seemed ready to move quickly on
legislation that would require companies to notify customers when their
personal information had been compromised.
Now, more than a year after data breaches at ChoicePoint Inc. and
LexisNexis set off a national debate about identification theft and data
security, time is running out for Congress to pass a law before it
finishes business this year. Some proponents of a national breach
notification law say it's unlikely that Congress will be able to pass a
law by then.
Lawmakers have introduced more than 10 bills dealing with data breach
notification since early 2005. The bills differ in several ways, including
varying requirements about when a breached company should notify customers
and whether consumers should be able to freeze their credit reports
following a breach.
Beyond the confusion about the differences in the bills, five
congressional committees have claimed jurisdiction over some of the data
breach bills. "It's certainly a popular and pro-consumer issue to tackle,"
said David Sohn, a staff counsel at the Center for Democracy and
Technology, a privacy and civil rights advocacy group. "It's difficult to
see how Congress will reconcile all the bills."
[...]
More information about the Dataloss
mailing list