By Ira Winkler

I recently wrote an article for ComputerWorld.com that stated the laws the Congress needs to pass to control botnets. Some people are apparently saying that I also want a national data breach notification law, and nothing is further from the truth. The reason is very simple and has to do with lobbyists.

Frankly any national data breach law will be significantly weaker than the individual state laws that exist. The fact is that lobbyists want a national law that supersedes all of the state laws, because the state laws are stronger than what their customers want. Basically when there are a great deal of individual state laws, companies have to adhere to the strongest regulations of each state. Lobbyists are now working hard to make sure that they pick and choose the weakest laws to feed to Congress.

California’s SB 1386 essentially has a national effect as so many people are live in California that just about any company with a national scope has to adhere to it. The law was actually initiated after a company lost the data of California state employees, including judges and politicians, and nobody was informed of it for a long period of time. The whole process lead to a very strong law.

So now the lobbyists are planning how to get a national law passed that weakens 1386 and has many, many exemptions. When a national law is passed, it will set data breach notification back 5 years.

Related posts:

1. Privacy Laws - A Threat To U.S. Financial Services Corporations?
2. Payroll Giant Gives Scammer Personal Data of Hundreds of Thousands of Investors
3. A Chronology of Data Breaches
4. Stop Complaining and Adhere to PCI
5. DOE’s Federated Model aims to identify security threats

Posted by Ira.Winkler on Wednesday, April 11th, 2007, at 11:32 pm, and filed under Articles.

Follow any responses to this entry with the RSS 2.0 feed.

You can post a comment, or trackback from your site.