More Data Breaches and Problems
Now let's take a look at some of the recent data breaches in the news:
So what is being done about all of these data breaches? Well, the US House of Representatives is doing something. In late March 2006 the U.S. House Energy and Commerce Committee passed legislation forcing data brokers to disclose security breaches to the public. The Data Accountability and Trust Act (or DATA) would place new requirements on data brokers to notify the public if there is a "reasonable risk" of identity theft associated with a data breach. I think this could be a good first step. (More about the Data Accountability and Trust Act can be found in this article at Internet News.
Also, it is important to note that 22 states have passed laws requiring that individuals be notified of security breaches. The catalyst for requiring companies to report data breaches to affected customers and individuals was the California data breach law enacted in 2003. The Consumers Union web site provides lists of states enacting security breach laws and security freeze laws.
For those questioning the difference between a security breach law and a security freeze law: a security breach law defines who, when, and how to contact people whose data has been surreptitiously accessed. A security freeze enables consumers to stop identity thieves from getting credit in their names. A security freeze locks, or freezes, access to consumer credit reports and credit scores. Both are important.
Keep checking back here for more information about data breaches and data security. I'm going to keep me "eyes open" and on top of this topic here.