A Flurry of Cyber Security Legislation in Washington

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Slide Show

Five Warning Signs Your Security Policy Is Lacking

Warning signs of a weak security policy from SunGuard Availability Services.

We know that President Obama has made a big push toward improving the nation's approach to cyber security and electronic privacy issues. Now it looks like Congress has joined in and is taking a serious interest in these issues.

California Rep. Mary Bono Mack drafted a bill that would require companies that have suffered a data breach to notify law enforcement within 48 hours. However, the bill as it stands now wouldn't require those companies to notify customers as quickly. Instead, they'd have a 48-hour notification period after the company finished its assessment. A number of her colleagues in the House didn't agree on the long wait time for companies to notify the public of a problem. Part of the notification time concern stems from the backlash to recent breaches, like Sony and Citigroup, and the length of time that passed between the breach and alerting customers.

However, a change may be in the works. Reuters reported:

Chairman Bono Mack is open to the idea of making sure that there's a drop-dead certain time that companies have to report a breach," said Ken Johnson, Bono Mack's senior policy adviser on the issue.

A House bill introduced this week would require law enforcement to get a search warrant in order to track someone's location through a mobile device. The Senate introduced a similar bill, which adds a provision that a warrant would be needed to retrieve email stored on servers.

Another new Senate bill also deals with location privacy on mobile phones. According to an article in The Wall Street Journal:

[The bill introduced] by Democratic Sens. Al Franken of Minnesota and Richard Blumenthal of Connecticut would require companies like Apple and Google, as well as the makers of applications that run on their devices, to get a user's consent before sharing information with outsiders about the location of a mobile device.