Slashdot Mirror


The Data Accountability and Trust Act (DATA)

An anonymous reader writes "The U.S. House of Representatives will soon be considering the Data Accountability and Trust Act (DATA). If passed it would require all companies to inform customers of security breaches that affect their personal data. The bill requires consumers to be told if their privacy has been violated because of a breach. Under the proposals, if a breach does occur, a company must notify any customers concerned and the FTC, which can then demand an audit."

3 of 170 comments (clear)

  1. Re:So how much is this going to cost? by Anonymous Coward · · Score: -1, Troll

    Sure I do! And I should be able to own guns, too. And tanks! Hell, if I want an entire nuclear equiped strike fighter squadron, that's my own damn business!

    In fact, I'm going to start a corporation that manufacturers heavy assult artilary. For young children. And I'll use even younger children for my workforce! Screw you, US Government!

  2. Safest to start using OpenBSD now. by CyricZ · · Score: -1, Troll

    The safest thing for many companies to do, especially smaller ones, it institute the use of OpenBSD. While it doesn't provide 100% protection, by any means, it does offer a far higher level of security than is offered by most other operating systems.

    Even if a company can't transition their entire network to OpenBSD, switching servers that require a high level of security over to OpenBSD is often a very good idea. In the remote chance that a security breach does happen (perhaps due to a misconfigured MySQL installation, a PHP flaw, an ftpd exploit, etc.), at least they could say that they had put some effort towards using highly secure systems.

    --
    Cyric Zndovzny at your service.
  3. Unconstitutional and Unnecessary by dada21 · · Score: 1, Troll

    The US Congress has no mandate in the Constitution offering them any power over consumer privacy or information. The Interstate Commerce Clause was written to give the Federal government power to regulate the states to prevent them from taxing, tariffing or embarging interstate commerce: it was not meant to regulate commerce in any other way.

    This is an unnecessary law. If you make a contract to trade with a party, put in the agreement that you want your information to be private and you want them to notify you of any breach of that agreement. If the company won't do business with you, don't buy from them -- if you want a cheap price, you might be willing to forgo this contract feature.

    All my customers have in my contract agreement a stipulation that we both will notify the other in the event of identity or security breach. I don't buy anything from anyone without making sure I am protected -- and basic tort and contract law protects me in this case.

    Of course this law has nothing to do with protecting consumers but with increasing Congress' control over individuals and businesses and offering a new layer of deterrence for the average person to go into business. We could replace much of the FTC with more realistic tort regulations rather than creating new laws where none are needed.

    In my answer, the lawyers would win in the short run but standard contract agreements would put them on the bankburner. In Congress' solution, the lawyers win all around.