Law aims to reduce identity theft

Tuesday, 1 July 2003, 12:52 PM EST

The Security Breach Information Act (S.B. 1386), which goes into effect Tuesday, requires companies that do business in California or that have customers in the state to notify consumers whenever their personal information may have been compromised.

Companies that fail to properly lock down information or to notify consumers of intrusions could be sued in civil court.

"Organizations that are following near-best practices for data security should be OK," said Ray Wagner, research director for information security strategies at Gartner. "However, you could read (the law) very conservatively: If you don't encrypt data...and maintain good audit trails, you open yourself up to lawsuits."

The law attempts to stem the growing problem of identity theft, in part by encouraging companies to be more open about security breaches that may have compromised consumer data.

[ Read more ]

Related items




Spotlight

Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Jul 29th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //