No One Disclosing Security Breaches, Despite New Law

from the law?--what-law? dept

There was a lot of hype earlier this year when the California law requiring companies (even those not in California) to tell any California customers whose private data may have been exposed in a security breach. Some were afraid there would be a deluge of such reports - often when no actual information had gotten out. However, since the law went into effect there's been an awful lot of silence. Before the law most companies liked to keep as quiet as possible - and after the law went into effect, nothing has changed. Basically, most companies would much rather keep things secret and fix the problem than reveal it, no matter what the law says. In some cases, the companies simply don't realize that their data has been exposed, but plenty of companies, I'm sure, are just trying to handle the problem internally - whether they know about the law or not. There's been some talk about using this law as a model for federal legislation, and results would likely be the same. About the only cases where this law will go into effect is in punishing companies down the road after it's been discovered they violated it (willingly or not).


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This