Proposed Law Demands Federal Agencies Just Do Something About Data Breaches
from the looking-out-for-us dept
In the wake of the embarrassing laptop thefts at the VA and the Census Bureau, it was only a matter of time before some politician moved to pass a law to “do something” about the problem. Politicians, of course, love to appear as if they’re doing something to help right past wrongs, so it’s almost surprising that it took until now for Rep. Tom Davis to introduce the Federal Agency Data Breach Protection Act. You’d think with a name like that, the law would actually try to solve the data breach problem, but again, it’s all about appearance. If you actually read the bill (.pdf), you’ll see that there’s nothing substantive in it; it’s just a call for agencies to develop guidelines to deal with the problem. If federal agencies actually needed a law to spur them to develop guidelines, that’s depressing. What’s more likely is that the whole thing was cooked up to make Tom Davis, and whatever other Representatives sponsor the bill, look good during election season.
Comments on “Proposed Law Demands Federal Agencies Just Do Something About Data Breaches”
well...
what the agencies need is a law that has serious consequences if there is a data breach. what the consequences would be i’ll leave up to the law makers and your imagination.
well...
i should clarify, no serious consequences if the data is on a network and breached by hackers or anything of the sort. i mean, consequences if they commit a “put my personal information on a laptop and leave it on a park bench” type breach…
Re: well...
Uh, I disagree.
I fthey cant be bothered to secure their networks, they are just as guilty as leaving a laptop on a park bench.
Security is not a one-step process
employee and immediate supervisor are terminated, agency head loses one full month of pay/benefits, and the agency has $10K reduced from its next year’s budget for each name exposed.
problem solved.
well...
and if an previously unknown exploit is discovered and the admin hasn’t been able to accomodate for it? sure, if thousands of identities get stolen through a netbios hack then yes, the admin messed up… but this isn’t always the case.