Yeah, A Class-Action Suit Will Help Search... >>
<< Paid Social-Networking Model Doesn't Pack Much...
 tdicon 


Legal Issues

by Joseph Weisenthal

Tue, Sep 26th 2006 10:33am





Proposed Law Demands Federal Agencies Just Do Something About Data Breaches

from the looking-out-for-us dept

In the wake of the embarrassing laptop thefts at the VA and the Census Bureau, it was only a matter of time before some politician moved to pass a law to "do something" about the problem. Politicians, of course, love to appear as if they're doing something to help right past wrongs, so it's almost surprising that it took until now for Rep. Tom Davis to introduce the Federal Agency Data Breach Protection Act. You'd think with a name like that, the law would actually try to solve the data breach problem, but again, it's all about appearance. If you actually read the bill (.pdf), you'll see that there's nothing substantive in it; it's just a call for agencies to develop guidelines to deal with the problem. If federal agencies actually needed a law to spur them to develop guidelines, that's depressing. What's more likely is that the whole thing was cooked up to make Tom Davis, and whatever other Representatives sponsor the bill, look good during election season.

5 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    well...

    identicon
    PhysicsGuy, Sep 26th, 2006 @ 11:29am

    what the agencies need is a law that has serious consequences if there is a data breach. what the consequences would be i'll leave up to the law makers and your imagination.

    reply to this | link to this | view in thread ]

  2.  

    Re: well...

    identicon
    PhysicsGuy, Sep 26th, 2006 @ 11:30am

    i should clarify, no serious consequences if the data is on a network and breached by hackers or anything of the sort. i mean, consequences if they commit a "put my personal information on a laptop and leave it on a park bench" type breach...

    reply to this | link to this | view in thread ]

  3.  

    Re: Re: well...

    identicon
    Anonymous Coward, Sep 26th, 2006 @ 11:54am

    Uh, I disagree.

    I fthey cant be bothered to secure their networks, they are just as guilty as leaving a laptop on a park bench.

    Security is not a one-step process

    reply to this | link to this | view in thread ]

  4.  
    identicon
    anonymous coward, Sep 26th, 2006 @ 2:06pm

    employee and immediate supervisor are terminated, agency head loses one full month of pay/benefits, and the agency has $10K reduced from its next year's budget for each name exposed.

    problem solved.

    reply to this | link to this | view in thread ]

  5.  

    Re: Re: Re: well...

    identicon
    PhysicsGuy, Sep 26th, 2006 @ 6:21pm

    and if an previously unknown exploit is discovered and the admin hasn't been able to accomodate for it? sure, if thousands of identities get stolen through a netbios hack then yes, the admin messed up... but this isn't always the case.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


Yeah, A Class-Action Suit Will Help Search... >>
<< Paid Social-Networking Model Doesn't Pack Much...
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This