Search This Blog

Monday, August 06, 2007


We’re already seven months into the 110th Congress controlled by the Democrats—you know, the party of the people—and not only is there no meaningful data breach legislation passed, but there doesn’t seem to be the slightest chance it will happen before 2008…if then. According to Milo Cividanes, privacy attorney writing for SC Magazine, it’s not likely to occur until 2009. So far, the U.S. Congress has left it up to the states to protect consumer rights, and thirty-eight of them have passed data breach laws. However, most are weak in that they allow the breaching company to decide if the breach is serious enough to put the consumer at risk. I think it has become relatively apparent that we cannot trust the kind of company or government agency that allows its employees to take home sensitive consumer data on laptops and storage devices to understand the significance of notification in a data breach. California’s SB 1386, the law that stopped ChoicePoint in their tracks in February of 2005, requiring them to notify 163,000 consumers that their private information had been stolen, is the only state law that does not have the “deemed to be at risk” clause. This breach, of course, started the data rolling, and we are now the proud owners of a record of 640 breaches since 2005, exposing almost 159 million personal records. It is true that the Iraq war is consuming this Congress today, but it is also the Iraq war that prompted the need for more privacy protection from a White House bent on spying on innocent American households. The incompetence of this administration also makes it frightening to those who understand how easy it is to pry into our lives with so little information. If you are interested in what the “independents” are doing right now, go to the Committee for a Unified Independent Party, Inc. (CUIP) site for more information.

No comments: