posted on Aug, 24 2005 @ 09:25 AM
There is a movement in Washington that will give companies the ability to not notify customers if they experience a security breach that jeopardizes
the customer's information. All of the current bills in both the House and Senate will set up "triggers" that will have to be met before a company
has to notify customers. The company can suffer a breach in security but if they cannot find evidence that the breach will harm their customers then
the company would not have to notify them. Most of these bills are worded so that they will trump any states laws that differ. There are now 19 states
that require companies that deal with personal data to inform their customers of any security breaches of this information.
In the last few years, 19 states have enacted laws requiring credit card companies, financial institutions and other parties dealing with personal
data to notify individuals when their information is breached. But advocates of full disclosure say a movement is afoot in Washington to weaken these
laws by giving companies more flexibility over whether or not they have to notify customers.
"We have millions of Americans who become victims of identity theft each year, and we need to do as much as possible to lower that number," said
Susanna Montezemolo, policy analyst for the Consumers Union, which is lobbying Congress for tough security and privacy standards.
"States have been innovators in regard to identity security; we want to know that the state will still be able to come out with effective
solutions," Montezemolo told FOXNews.com.
Please visit the link provided for the complete story.
I am sorry but this "movement" is so bad that it is not even funny! To leave it up to companies to determine that a customer will suffer harm from
having their information stolen through a security breach is tantamount to allowing the tobacco companies proving that cigarette smoking is
In today's day and age, any decent code junky can easily perform a data mine operation that will only gather portions of information from various
parts of a database, put them together and come up with a goldmine. If the parts of the information that is stolen were to be evaluated on an
individual basis, a company can easily demonstrate that their customers security and safety has not been affected by the breach.
Related News Links:
[edit on 10-9-2005 by DJDOHBOY]