New Legislation Would Threaten Execs With Jail Over Data Breaches
Executives who intentionally conceal a security breach that involves personal data could face jail time under legislation soon to be filed by two veteran U.S. senators.
Two veteran U.S. Senators said Thursday that they would introduce a bill which would put business executives in harm's way when their companies stonewalled on data breaches.
Sen. Arlen Specter (R-Penn.) and Sen. Patrick Leahy (D-Vt.), the chairman and ranking member, respectively, of the Senate's Judiciary Committee, plan to include jail time for business leaders who intentionally conceal a security breach that involves personal data.
The bill is just the latest in reaction to the growing number of disclosures of data theft, loss, and illegal selling. The most recent -- and the largest to date -- involved 40 million credit card accounts.
"Insecure databases have become low-hanging fruit for hackers looking to steal identities and commit fraud during a time when we are seeing a troubling rise in organized rings that target personal data to sell in online," said Sen. Leahy in a statement.
The Leahy-Specter bill, the first to garner support from a Republican, would also put a stop to the buying and selling of Social Security numbers without owners' permission, bar government agencies from posting public records that contain Social Security numbers on the Internet, and require companies that hold personal data to create policies to protect the data as well as vet third-parties they hire to process that data.
Consumers would also be allowed to access the personal data profiles collected by "data brokers" -- such as ChoicePoint, Inc., a company that earlier this year admitted to selling data to criminals -- and correct any errors, just as they can now with their credit reports.
"This actually sounds like a bill that will do something," said Avivah Litan, research director at Gartner, and the research firm's resident expert on data and identity theft. "Mostly because it puts the CEOs on the hot seat."
The upcoming bill is the latest in a string from the Senate. Sen. Dianne Feinstein (D-Calif.), Sen. Charles Schumer (D-N.Y.), and Sen. Bill Nelson (D-Fla.) have all introduced legislation that tackle aspects of the data breach problem.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.