Recent news headlines have brought to our attention how vulnerable our
personal data is when it is in the hands of the organisations to whom we
entrust it. This summer alone saw reports of the loss last year of a laptop by
the Comptroller and Auditor General's office containing the personal details of
over 380,000 citizens; during August an online retailer's security was breached
and the hackers accessed the credit card details of the retailer’s customers;
and in April Bank of Ireland announced they had lost a number of laptops in
2007 which contained the personal data of over 30,000 customers.




These incidents are worrying enough in their own right, but what is of grave
concern is the lack of notice those impacted by these security incidents
received. Each of these issues also only came to light a number of months after
the original incidents occurred, leaving the sensitive personal and financial
details of individuals at risk of being abused by criminals.




The data lost in most of these cases could provide criminals with enough
information to attempt a number of crimes ranging from credit card fraud to
full-blown identity theft.


One of the fastest growing crimes




While our Data Protection laws require that companies ensure they provide
“adequate security” to protect the personal details of staff and customers, there is
no obligation on organisations to notify individuals if those “adequate security”
measures fail. Without this type of notification individuals may not be aware their
personal details have been exposed to criminals until they themselves notice
unusual transactions on their credit cards, bank accounts or indeed find their
credit rating has been ruined as a result of defaulted loans falsely taken out in
their names.




Data Protection Act Requires “adequate Security”




Organisations need to realise that the data they hold on staff and customers is
not theirs but rather has been entrusted to them by those individuals. In this age
of cyber crime and sophisticated online criminal gangs we can no longer hope
that the data do not fall into the wrong hands. Individuals need to know the trust
they placed in an organisation to keep their data safe has been breached in order
for them to take measures to protect themselves.




In July 2003 the California Bill SB 1386 came into effect requiring companies or
organisations to notify any Californian resident if their data has been exposed.
Companies are not obliged to notify people affected by the security breach
should that data be encrypted, which was not the case in the examples at the
beginning of this piece, or if such notification would jeopardise an ongoing
criminal investigation. Since 2003 over 35 other US States have implemented
their own versions of the law.




It is interesting to note that in January 2007 the TJX Corporation, the parent
company of TK MAXX stores here in Ireland, announced they had discovered a
security breach that exposed over 40 million credit card details belonging to its
customers. TJX admitted that the breach could also have impacted Irish
customers. However, because there is no obligation on TJX to notify the affected
Irish individuals, TK MAXX customers in Ireland do not know if their details have
been exposed.
http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html




Not only have the data breach disclosure laws in the United States helped
individuals better protect their personal and financial data, they have also been
of benefit to companies. When the affected company discloses details of how the
breach occurred (in the case of TJX it was insecure wireless networks), other
companies can learn from the incident and ensure their systems and data
are secure. This is no different to hearing your neighbour’s house has been
burgled: you will take steps to secure your own home.




The European Commission is proposing amendments to the Privacy and
Electronic Communications Directive, which will oblige
telecommunications companies to notify individuals should their personal
data be exposed as a result of a security breach. However, this proposal
only applies to telecommunications companies and will most likely not
come into being until 2011. In that time it is likely that the proposal will be
further watered down by industry lobbyists.

Ireland should not wait until the proposed amendment to the Privacy
and Electronic Communications Directive comes into place. We cannot
wait until 2011; now is the time to introduce mandatory data
breach disclosure laws here in Ireland so that individuals whose data is
exposed as the result of a security breach are notified. This legislation
could complement the existing Data Protection Act and ensure businesses
that do take proper precautions are not overly burdened by this legislation.
For example, as with the California SB 1386 law, companies that encrypt
the personal data could be exempt from the notification requirements.
http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html




Some will argue that data breach notification will place yet another burden on
businesses already tied up with bureaucracy and red tape. I think those
supporting the argument miss the point that companies taking the required steps
to protect their clients’ data will not be overly impacted by this proposal.




Ireland has taken bold steps in the past to lead the way with introducing
legislation to benefit its citizens, the smoking ban and plastic bin tax being two
that come to mind. She should once more take the lead amongst our European
neighbours and introduce legislation that better protects her citizens and provides
an effective information security governance framework for businesses to follow.




Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

Recently uploaded (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 

The Case for Mandatory Data Breach Disclosure Laws

  • 2. Recent news headlines have brought to our attention how vulnerable our personal data is when it is in the hands of the organisations to whom we entrust it. This summer alone saw reports of the loss last year of a laptop by the Comptroller and Auditor General's office containing the personal details of over 380,000 citizens; during August an online retailer's security was breached and the hackers accessed the credit card details of the retailer’s customers; and in April Bank of Ireland announced they had lost a number of laptops in 2007 which contained the personal data of over 30,000 customers.
  • 3. These incidents are worrying enough in their own right; what is of grave concern is the lack of notice those impacted by these security incidents received. Each of these issues also only came to light a number of months after the original incidents occurred, leaving the sensitive personal and financial details of individuals at risk of being abused by criminals.
  • 4. The data lost in most of these cases could provide criminals with enough information to attempt a number of crimes ranging from credit card fraud to full-blown identity theft. One of the fastest growing crimes.
  • 5. While our Data Protection laws require that companies ensure they provide “adequate security” to protect the personal details of staff and customers, there is no obligation on organisations to notify individuals if those “adequate security” measures fail. Without this type of notification individuals may not be aware their personal details have been exposed to criminals until they themselves notice unusual transactions on their credit cards or bank accounts, or indeed find their credit rating has been ruined as a result of defaulted loans falsely taken out in their names.
  • 7. Data Protection Act requires “adequate security”
  • 8. Organisations need to realise that the data they hold on staff and customers is not theirs but rather has been entrusted to them by those individuals. In this age of cyber crime and sophisticated online criminal gangs we can no longer hope that the data does not fall into the wrong hands. Individuals need to know that the trust they placed in an organisation to keep their data safe has been breached in order for them to take measures to protect themselves.
  • 9. In July 2003 the California Bill SB 1386 came into effect, requiring companies or organisations to notify any Californian resident if their data has been exposed. Companies are not obliged to notify people affected by the security breach should that data be encrypted, which was not the case in the examples at the beginning of this piece, or if such notification would jeopardise an ongoing criminal investigation. Since 2003 over 35 other US States have implemented their own versions of the law.
  • 10. It is interesting to note that in January 2007 the TJX Corporation, the parent company of TK MAXX stores here in Ireland, announced they had discovered a security breach that exposed over 40 million credit card details belonging to its customers. TJX admitted that the breach could also have impacted Irish customers. However, because there is no obligation on TJX to notify the affected Irish individuals, TK MAXX customers in Ireland do not know if their details have been exposed. http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html
  • 11. Not only have the data breach disclosure laws in the United States helped individuals better protect their personal and financial data, but they have also been of benefit to companies. When details are disclosed by the affected company as to how the breach occurred (in the case of TJX it was insecure wireless networks), other companies can learn from the incident and ensure their systems and data are secure. This is no different to hearing your neighbour’s house has been burgled: you will take steps to secure your own home.
  • 12. The European Commission is proposing amendments to the Privacy and Electronic Communications Directive which will oblige telecommunications companies to notify individuals should their personal data be exposed as a result of a security breach. However, this proposal only applies to telecommunications companies and will most likely not come into being until 2011. In that time it is likely that the proposal will be further watered down by industry lobbyists. Ireland should not wait until the proposed amendment to the Privacy and Electronic Communications Directive comes into place. We cannot wait until 2011; now is the time to introduce mandatory data breach disclosure laws here in Ireland so that individuals whose data is exposed as the result of a security breach are notified. This legislation could complement the existing Data Protection Act and ensure businesses that do take proper precautions are not overly burdened by this legislation. For example, as with the California SB 1386 law, companies that encrypt the personal data could be exempt from the notification requirements. http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html
  • 13. Some will argue that data breach notification will place yet another burden on businesses already tied up with bureaucracy and red tape. I think those supporting the argument miss the point that companies taking the required steps to protect their clients’ data will not be overly impacted by this proposal.
  • 15. Ireland has taken bold steps in the past to lead the way in introducing legislation to benefit its citizens, the smoking ban and plastic bin tax being two that come to mind. She should once more take the lead amongst our European neighbours and introduce legislation that better protects her citizens and provides an effective information security governance framework for businesses to follow.