Comments
CISPA Passes House: What's Next?
Oldest First  |  Newest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Apprentice
4/28/2012 | 3:27:58 PM
re: CISPA Passes House: What's Next?
@readers - do you agree with the EFF that the language should be stronger when it comes to the liability of businesses?
Brian Prince, InformationWeek/Dark Reading Comment Moderator
MyW0r1d
50%
50%
MyW0r1d,
User Rank: Strategist
4/28/2012 | 11:44:23 PM
re: CISPA Passes House: What's Next?
The portion referenced in the article attributed to EFF does not make it clear if that is the current wording or the modified. I would say that any company where prior knowledge of a security flaw that went unresolved and was material to the loss of personal data should be held liable. I do not understand how any company could use a good faith defense (faith that they chose the risk of not having an incident as acceptable).

The amount of information they are holding is frightening. I called my bank recently to make an inquiry. Before proceeding, I was asked to identify from the five cities that they would list which one had some relationship to my "family." Naturally, I expected a personal list. My surprise when the only one identifiable was the Georgia residence (population 500) of a brother's short term, second wife divorced at least ten years prior (my families origins are on the other side of the US). Thank goodness I remembered but I was equally certain to have never listed it on any of my personal history forms. How and what kind of family history are banks assembling, storing, and what is reasonable retention? If this kind of detail was obtained through a cyber break in, it is clear how easily identity theft could be effected. I am far more concerned on the commercial institutions use and security of my personal data than that of the government's.


The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.