Legislation

Proposed CFAA revisions agitate IT security community

Proposed CFAA revisions agitate IT security community

By

The security community is voicing concern over proposed revisions to the Computer Fraud and Abuse Act (CFAA) by taking to Twitter and personal blogs.

Congress to hold first data breach legislation hearing

By

The 114th Congress will meet on Tuesday, Jan. 27 to discuss potential national breach notification legislation that might require companies to notify affected customers within 30 days.

NAFCU asks Congress to create bipartisan data breach working group

NAFCU asks Congress to create bipartisan data breach working group

By

The National Association of Federal Credit Unions sent Congressional leaders a letter calling for the creation of a bipartisan working group to shape breach legislation.

Obama talks cybersecurity legislation in State of the Union

Obama talks cybersecurity legislation in State of the Union

By

The President urged Congress to pass law that would better protect the nation from emerging cyber threats.

New York AG proposes legal protections for medical data, login info

New York AG proposes legal protections for medical data, login info

By

The attorney general is pushing lawmakers to back legislation that would expand the definition of protected "private information."

On heels of Obama privacy talk, senator to reintroduce breach notification bill

On heels of Obama privacy talk, senator to reintroduce breach notification bill

By

A Florida senator is drafting the Data Security and Breach Notification Act of 2015, a year after similar legislation was introduced.

Obama to call for national breach notification law, student privacy bill

Obama to call for national breach notification law, student privacy bill

By

Speaking to the Federal Trade Commission (FTC), President Obama said he will propose a Personal Data Notification and Protection Act and a Student Data Privacy Act.

White House passes on petitions to fire Swartz prosecutors

By

The petitions called for the firing of federal prosecutors in Aaron Swartz's case.

Federal judge approves use of fake Instagram account to obtain case evidence

Federal judge approves use of fake Instagram account to obtain case evidence

By

A federal judge in New Jersey has approved of law enforcement's use of a fake Instagram account to collect evidence on a man suspected of stealing millions of dollars worth of jewelry.

Senate and House pass cybersecurity bill

By

The U.S. House of Representatives and the Senate passed to the CyberSecurity Enhancement Act of 2014, giving NIST the go-ahead to develop voluntary cyber standards for critical infrastructure.

The proliferation of mandates

The proliferation of mandates

The reality of ubiquitous reliance on ICT has given rise to the criticality of cyber security, says Cisco CSO Edna Conway.

Bill introduced, bans government mandates to build weaknesses into technologies

By

U.S. Senator Ron Wyden introduced the Secure Data Act on Thursday to prohibit federal agencies from mandating that backdoors and other security vulnerabilities be built into U.S. software and electronics.

'Stingray' requirement approved in Washington

By

Judges in Pierce County, Wash. approved a new requirement that would make law enforcement officials explicitly cite when they plan to use 'stingray' technology during an investigation.

Letter to Congress encourages 'single federal law' applying to breaches

By

A letter sent to Congressional leaders states that legislation to address data breaches should cover all entities that handle sensitive information.

EU restricts spyware exports

By

New European restrictions will require spyware manufacturers to get the EU's permission before exporting their product.

Upping the ante: PCI Security Standard

Upping the ante: PCI Security Standard

By

The latest iteration of the PCI Security Standard calls for moving beyond simply meeting compliance mandates, reports Jim Romeo.

Progress on national breach notification law may stall

By

A bill, which would require a national reporting standard, has failed to make it before the Senate or House this year.

ABA wants to automatically call and text mobiles regarding breach and fraud alerts

By

With data breach and fraud alerts in mind, the ABA filed a petition on Tuesday asking the FCC to remove "outdated regulatory restrictions" that prevent sending automated calls and texts to mobile devices.

Cyber espionage insurance

Cyber espionage insurance

A cyber liability policy covers first-party liability (property and theft) and third-party liability (privacy and data security).

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data stored abroad

By

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Privacy groups urge Senate leaders to pass USA Freedom Act

By

More than 40 civil liberties groups are urging Senate leaders to pass legislation that would put a halt to the NSA's data collection practices.

Senate committee OKs bill to give DHS broader security hiring authority

Senate committee OKs bill to give DHS broader security hiring authority

By

A bill introduced on Tuesday, which got the go-ahead on Wednesday, would let the DHS Secretary directly appoint cyber professionals, set basic pay and offer additional compensation.

Calif. Senate passes bill to curb federal govt data collection

By

The federal government would have to get a warrant from a judge before state officials could cooperate in collecting data on California residents.

Minnesota enacts first-ever "kill switch" law

By

The law takes effect on July 1, 2015, and would require all smartphones in the state to have a kill switch installed in case of theft.

Google ordered to allow users to delete some search results

By

Today the European Union's highest court ruled that Google must allow its search engine users to delete links about themselves in certain cases.

California lawmakers to propose mandatory "kill switch" installation

By

The new security implementation would be mandatory by Jan. 1, 2015. All phones sold in California after that date would have to have a kill switch installed.

"Aaron's Law," to amend the CFAA, introduced in Congress

"Aaron's Law," to amend the CFAA, introduced in Congress

By

A congresswoman and a senator want to reform the 30-year-old federal anti-hacking law known as the Computer Fraud and Abuse Act. They were spurred on by the death of activist and Reddit co-founder Aaron Swartz.

California law would require breach notice if online account information is stolen

By

The new legislation would amend the definition of "personal information" under the state's breach notification law.

Senators introduce bill that would flag countries, products that benefit from espionage

Senators introduce bill that would flag countries, products that benefit from espionage

By

The proposal from two Republican and two Democratic senators requires the director of national intelligence to create a "watch list" of nations suspected of cyber spying.

The great divide: Reforming the CFAA

The great divide: Reforming the CFAA

By

Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US