Telecom Signaling Industry News

TMCNet:  Notification standards for data breaches vary [Telegraph-Herald (Dubuque, IA)]

[March 10, 2014]

Notification standards for data breaches vary [Telegraph-Herald (Dubuque, IA)]

(Telegraph-Herald (Dubuque, IA) Via Acquire Media NewsEdge) WASHINGTON - The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard.

Most states have laws that require retailers to disclose data breaches, but the laws vary wildly. Consumers in one state might learn immediately that their personal information had been exposed, but that might not happen in another state, and notification requirements for businesses depend on where their customers are located. Attorney General Eric Holder has joined the call for a nationwide notification standard, but divisions persist, making a consensus questionable this year.

"We're stuck with the state-by-state approach unless some compromise gets done at the federal level," said Peter Swire, a privacy expert at Georgia Tech and a former White House privacy official.

Despite general agreement on the value of a national standard, there are obstacles to a straightforward compromise: " Consumer groups don't want to weaken existing protections in states with the strongest laws.

* Retailers want laws that are less burdensome to comply with and say too much notification could cause consumers to tune out the problem.

* Congress is looking at different proposals for how any federal standard should be enforced and what the threshold should be before notification requirements kick in.

The issue gained fresh urgency as part of a larger security debate after data breaches involving retailers Neiman Marcus and Target. Target, the nation's second-largest retail discounter, has said 40 million credit and debit card accounts were exposed between Nov. 27 and Dec. 15.

The company went public with the breach on Dec. 19, several days after it said it learned of the problem and soon after the news began leaking online. Since then, sales, profit and stock prices have dropped, the company's chief information officer has resigned and banks and retailers are facing continued scrutiny about what more can be done to protect consumer data.

The Justice Department is investigating the data theft, and Holder urged Congress in a video statement last month to adopt a national notification standard that would include exemptions for harmless breaches.

"This would empower the American people to protect themselves if they are at risk of identity theft. It would enable law enforcement to better investigate these crimes and to hold compromised entities accountable when they fail to keep sensitive information safe," he said in the statement.

Such proposals have been around for years.

An Obama administration plan from 2011 would have required businesses that collect personal information on more than 10,000 people in any 12-month period to disclose potentially harmful breaches and for breaches that affect more than 5,000 people to be reported to consumer credit reporting agencies and the federal government.

Past congressional efforts to agree on a standard have failed. Currently, 46 states and the District of Columbia have their own breach notification laws, according to the National Conference of State Legislatures.

(c) 2014 ProQuest Information and Learning Company; All Rights Reserved.

[ Back To Telecom Signaling's Homepage ]

Featured Events

5G NA Signaling Day

November 14-16, 2016
Sheraton Dallas, Dallas, TX

Featured Webcasts

Securing The Signaling Interconnect: Oracle's Perspective On Recent Security Events

Today's telecommunications landscape is changing rapidly, and the "institution" of trust between networks that has been assumed over the decades is no longer relevant. We are now hearing of vulnerabilities in CSP interconnection points that have been known ...

Applications of Wi-Fi Calling

With all of the discussion about faster data access and richer content, it could be assumed that voice services no longer play an important role in the business model of the communications service provider. Join ReThink Technologies Research and Oracle Communications as we explore ...

Featured Whitepapers

Oracle Communications Diameter Signaling Router Main Differentiators

Diameter is the protocol used by network elements in LTE and 3G networks to enable and monetize services, such as voice, video and data. Diameter enables revenue-generating data services; including tiered data plans, loyalty programs, application specific QoS, content provider and Internet of Things (IoT) solutions ...

Multi-Layer Security Protection for Signaling Networks

The sanctity of mobile operators' networks and brands will depend greatly on their ability to deliver QoS guarantees to roaming and interconnect partners, while simultaneously protecting increasingly multimedia-savvy and socially connected ...

Featured Datasheets

Oracle Communications Diameter Signaling Router

Centralizing Diameter routing with cloud deployable Oracle Communications Diameter Signaling Router creates a secure signaling architecture that reduces the cost and complexity of the core network and enables elastic growth, interoperability and rapid introduction ...

Oracle Communications Mobile Security Gateway

The Oracle Communications Mobile Security Gateway is a high performance gateway that allows the Communications Service Provider (CSP) to cost effectively expand network coverage and increase capacity by incorporating Heterogeneous ...

Oracle Communications Evolved Communications Application Server

As service providers drive their networks toward an all-IP and virtualized state, they require the means to design and deliver compelling high definition voice, video and multimedia offers via Voice over LTE (VoLTE) and Voice over WiFi (VoWiFi) ...

Featured Infographic