No One Disclosing Security Breaches, Despite New Law

from the law?--what-law? dept

There was a lot of hype earlier this year when the California law requiring companies (even those not in California) to tell any California customers whose private data may have been exposed in a security breach. Some were afraid there would be a deluge of such reports – often when no actual information had gotten out. However, since the law went into effect there’s been an awful lot of silence. Before the law most companies liked to keep as quiet as possible – and after the law went into effect, nothing has changed. Basically, most companies would much rather keep things secret and fix the problem than reveal it, no matter what the law says. In some cases, the companies simply don’t realize that their data has been exposed, but plenty of companies, I’m sure, are just trying to handle the problem internally – whether they know about the law or not. There’s been some talk about using this law as a model for federal legislation, and results would likely be the same. About the only cases where this law will go into effect is in punishing companies down the road after it’s been discovered they violated it (willingly or not).

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...