Slashdot Mirror

← Back to Stories (view on slashdot.org)

Senate Introduces Strong Privacy Bill

Posted by samzenpus on from the protect-yourself-at-all-times dept.

amigoro writes "US Senators introduced a bill that better protects the privacy of citizens' personal information in the face of data security breaches across the country. Key features of the bipartisan legislation include increasing criminal penalties for identity theft involving electronic personal data and making it a crime to intentionally or willfully conceal a security breach involving personal data."

2 of 176 comments (clear)

  1. Won't Stop Hackers, Might Scare Hackees by gbulmash · · Score: 5, Interesting

    I think the more important aspect is the increased penalties for willfully concealing a security breach. Increasing criminal penalties is of varying value. One of the reasons criminals commit crimes is because they think they won't get caught, so whether they risk 2 years in jail or 4 isn't going to matter that much to them.

    But increasing penalties for willfully covering up a data breach may have more effect. As we've seen, bigger breaches cannot be kept secret for long. There are too many ways for them to be ferreted out. Furthermore, the people who would be in a position to conceal a data breach are often people who are more afraid of jail than those who willfully commit crimes like identity theft.

    Of course, what I'd really like to see is a death penalty for spammers.

    - Greg

    --
    Start a happiness pandemic
  2. Make It Cost Prohibitive To Store Too Much PD by Anonymous Coward · · Score: 5, Interesting

    A fundemental personal privacy/personal data concept that should be the basis of all laws governing how businesses and governments handle and are responsible for personal data should be liability for PD loss/leakage is directly proportional to the amount of PD per individual.

    For example, your company leaks:

    1) Addresses
    2) SSN
    3) Email addresses

    That will give you three times the liability of a company that leaks:

    1) Address

    Make it financially worthwhile for companies to store the absolute minimum PD necessary to operate their business and to create the incentive to delete all unnecessary data at the earliest opportunity.

    With storage so cheap and the liability for companies or governments essentially divorced from the actual damage done to personal privacy breaches there is absolutely no reason for any company to store every bit of PD about you on their(insecure) systems.