Proposed Bill Could Impose Stiff Fines on Companies With Lax Online Security
Sony executives bowed before the Japanese and international press earlier this year to tell everyone “we’re sorry”, but for those of us wondering whether our credit card numbers were being sold off on the seedier parts of the web, “we’re sorry” somehow just didn’t cut it. A new law being introduced by Democratic Senator Richard Blumenthal, however, will finally start holding large companies responsible for cyber security, and impose pretty harsh penalties on firms that don’t take the appropriate precautions.
“The goal of the proposed law is essentially to hold accountable the companies and entities that store personal information and personal data and to deter data breaches,” Senator Blumenthal said in a phone interview. “While looking at past data breaches, I’ve been struck with how many are preventable.”
The new bill is called “The Personal Data Protection and Breach Accountability Act of 2011” and is the result of intense debate in Congress over how to force companies to do a better job of protecting consumers who shop online. The bill targets companies that store data on more than 10,000 people, and sets out specific guidelines for how to store critical information such as passwords and credit cards.
“The Sony data breach has become a poster child of why we need this law,” he said. “We were working on this legislation well before that data breach occurred, but Sony is a good example of why this law should exist.”
Comments
I Jedi
September 11, 2011 at 11:55am
I realize for most people here, this is just another "government policy that is sticking its nose in where it doesn't belong!" type of situation; however, consider how easy it was back a few months ago for LulzSec to breach data networks with even simple SQL injections. While the problem of inadequate network security has loomed around the industry for a long time, this bill is more so about protecting the consumer now more than ever before.
While not even I know what's in this proposed bill, other than a penalty fee, is it really that bad that the government finally takes action? I think businesses brought this upon themselves, in my opinion, as it's one thing to offer shitty service to consumers, but entirely another for a business to have its customers' information easily accessible to the world.
If forcing companies with penalties, if they don't keep their customers' data safe, is like ticketing someone if they break the speed limit, thereby endangering other people on the road, I'm all for harsh penalties against said online retailers. Sure, the company may not be endangering anyone's life, but they sure are putting their customers' economic soundness at risk.
This, in my opinion, is an example of when an industry chooses to take an easier, less costly route, which is negative for the consumer, and when it is necessary for government intervention to correct the wrongs of an industry.
bpstone
September 11, 2011 at 12:36pm
Skilled hackers (computer programmers) can break into just about any system put in front of them. The only way to truly protect their customers' private information is to keep data on an offline database when not prohibited.
I Jedi
September 12, 2011 at 7:08am
While you make a decent point, this just goes along with my point about companies needing to beef up their security. Really, you just pretty much verified what I was trying to get across. :}
AnglicDemon00
September 11, 2011 at 9:55am
I was wondering when this was going to happen. Though I am not all that surprised. Though depending on the policies that are attached to this law will determine how it will be implemented. Though with this at least, large corporations who deal with money transactions can no longer try to skimp out on paying for implementing new security policies, as well as maintaining their current ones. I know network security is not cheap, but it is one that should not be overlooked.
Though with that said... the job of being a network security admin just got that much harder, with an added bonus of risk.
Jessyjen
January 16, 2012 at 4:00am
Hi, I found this blog once, then lost it. Took me forever to come back and find it. I wanted to see what comments you got. Nice blog by the way. I wanted to thank you for the excellent info you have posted on your web site.
don2041
September 11, 2011 at 9:02am
Now they are going to turn law-abiding companies into criminals. What a fucked up system. Go after the hackers and thieves and don't pick on easy prey.
Nuxes
September 12, 2011 at 1:19am
I guess you are also against auto safety. Ford, GM, etc. were all law abiding companies in the 1950s, but lots of people were dying in car accidents, so the government mandated seatbelts and airbags. We expect products that are sold to us to be safe. This law is the first step in expanding that idea to the digital realm.
MrBlueCheese
September 11, 2011 at 5:47pm
If I entrusted a company to keep my information safe, and "script kiddies" can easily bypass their security measures, what does it say about the value they have placed on my personal information?
Just like laws that go after hackers and thieves, something needs to be done about corporations and how they handle our personal info.
It is true that no system is 100% secure, but that doesn't mean reasonable measures can't be taken to ensure that the system is more secure.