BreachExchange mailing list archives
Groups Slam Data Breach Notification Bill
From: lyger <lyger () attrition org>
Date: Fri, 17 Mar 2006 16:21:56 -0500 (EST)
http://www.internetnews.com/security/article.php/3592416 A U.S. House panel effort to write a national data breach disclosure law is running into fierce opposition by consumer groups calling the legislation the "worst data security bill ever." Passed out of the House Financial Services Committee on a 48-17 vote late Thursday afternoon, the Financial Data Protection Act of 2005 (H.R. 3997) allows data brokers and other companies to conduct an investigation of a breach and determine if notification to consumers is necessary. The bill also allows companies that choose to protect their data with encryption to take that into consideration when determining if consumer notification is necessary in the aftermath of a breach. "We think consumers should be notified in case of a breach and it shouldn't be left to the companies to decide," Susanna Montezemolo, a policy analyst with Consumers Union, told internetnews.com. The legislation also pre-exempts any state laws mandating breach disclosures to consumers. According the Consumers Union, 11 states currently have stricter notification standards than H.R. 3997, including a California law that resulted in data broker ChoicePoint being forced into disclosing the breach of 145,000 consumer records. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Groups Slam Data Breach Notification Bill lyger (Mar 17)