Federal requirement to disclose database security breaches?



Fines and prison time are among the penalties envisioned under a proposed house bill. The requirement would be that businesses with database holding information on more than 10,000 people (or federal employees) would have to inform either the Secret Service or the FBI of a data security breach. (The maximum sentence would be five years.) Now, on my first read of this, I thought, well sure – any company should disclose the possible loss, theft, or breach of a database holding customer data. I still think that… but I don’t know that the focus of penalty is on the right shoulders.


I would certainly go along with heavy fines for failing to report a breach, but prison time? Shouldn’t that be reserved for the ones that actually break in and steal 10,000+ credit card numbers? For that matter, I do have a bit of the problem with the implication that it is more greivous that a single federal employees information is breached than 9,999 “civilians” (for lack of a better term…) And how is a business with less than 10,000 people supposed to identify Federal employees in their database to know that we need to report to the FBI that somebody stole 5,000 names and birthdates?

The Security fix has a story on the proposed bill… He raises another good point and that is the FBI having it’s hands full with cybercrime reports already. He goes on to really get at the issue. Cybercrime is not something that the US alone can solve. The havens for cybercriminal are worldwide and there are a variety of reasons, poverty, disdain for the U.S./West, etc. And until some of the factors that push people to cybercrime elsewhere, we will not get a handle on it here. They will be out of reach.

I don’t know if the proposed bill is the best solution to protection peoples private data. Like most things in politics it will likely go through a series of changes before it’s voted on and finalized. It will be interesting to see what threshold is held for “personal data”. That will determine if most EVERYONE that keeps a database of Donors or customers, contacts, etc… will be required to keep the FBI on speed-dial.

Related Posts

Blog Traffic Exchange Related Posts
  • Thank you NC department of revenue... I heard on the local news last night that the North Carolina Department of Revenue has lost a laptop that had ~30,000 state taxpayers information on it. Social Security numbers/etc... The report I saw that the state has setup a hotline to "teach citizens about identity theft" and have sent......
  • Sams club credit security breech? When I saw a story on incidents.org with the title PCI Compliance, I wondered what SANS was doing covering a hardware standard.... oops. PCI in this case means Payment Card Industry. It turns out that Sams Club has had a security breech that has exposed customers credit card information. The......
  • Cyberextortion The New York Times online has an article on the rise of Cyberextortion. Businesses are usually targetted. That was true in the case of the focus of this article. Apparently the person in question used stolen Internet account information and "pirated wireless access" *(unsecured, open access points?), to threaten the......
Blog Traffic Exchange Related Websites
  • The New Domestic Terrorists - People Like You WedNEWSday - March 25th, 2009   If you're a pro-lifer, support a third party candidate such as Ron Paul, Chuck Baldwin, or Bob Barr, own a copy of the anti-income tax film "America: Freedom to Fascism," or have a Gagsden "Don't Tread on Me" flag then there is a high probability......
  • Finding the Hard Truth on Your Federal Tax Burdens If you are a taxpayer (and barely a majority of working adults are), we are in the midst of a "perfect tax storm."  First, we have entered the traditional "tax season" where accountants (such as my sister) put in lots of extra hours preparing returns while trying to keep their......
  • Electric Bicycles - Maybe When I Am Older! Electric Bicycles Electric bicycles are great things if you are that way inclined. I often wished I had a motor on my bike when we are going up some steep hills. An electric bicycle, also known as an e-bike, is a bicycle with an electric motor used to power the......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site