Law impels firms to disclose security breaches. (Media & Technology).A state law that went into effect July 1 requires companies that maintain computer databases on clients to notify them if hackers break in and steal clients' personal data that could be used in identity theft. The burden on businesses is still unknown, but it means companies will bear the expense of notification if security breaches occur. And some experts believe businesses will spend more money fighting court battles over this new privacy law. The law defines the personal data as a person's name, Social Security number, driver's license Noun 1. driver's license - a license authorizing the bearer to drive a motor vehicle driver's licence, driving licence, driving license license, permit, licence - a legal document giving official permission to do something number, California identification card number and credit or debit card debit card, card that allows the cost of goods or services that are purchased to be deducted directly from the purchaser's checking account. They can also be used at automated teller machines for withdrawing cash from the user's checking account. numbers in combination with security codes to access accounts. Legislators enacted the law last year after a hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. entered a state computer system that held employment data records. Six weeks passed before employees and legislators received notification. Andy Serwin, senior counsel at Foley & Lardner who specializes in Internet and technology law, said the state is trying to set a national standard with this law. It applies to all companies doing business in California, whether or not their headquarters are in the state. "Businesses and a lot of lawyers who work in (Internet law) are concerned about compliance," Serwin said. The law doesn't require notification if databases are encrypted en·crypt tr.v. en·crypt·ed, en·crypt·ing, en·crypts 1. To put into code or cipher. 2. Computer Science , or scrambled to prevent access without authorization. However, the law doesn't provide a clear definition of encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. , Serwin said. He expects the law to spur more lawsuits against companies. To protect themselves, businesses can encrypt data, install technology to lock out hackers, and limit the times and amount of personal information taken from customers, Serwin said. Fred Main, senior vice president and counsel at the California Chamber of Commerce, said the business community worked with the Legislature last year to make the law less onerous. "There are always workability issues in any bill that passes," Main said. Union Bank of California Union Bank of California is one of the 30 largest commercial banks in the United States. It has 327 branches, the majority of which are in San Diego, Los Angeles and Orange Counties. , which has more than 1 million unique checking accounts, is well positioned to safeguard its clients' personal information and assets, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Bob Justus, senior vice president of corporate information security and contingency planning. The new law won't impact the way Union Bank handles privacy matters because notification was standard practice there before the law was enacted. "We would consider something a breach even if (hackers) got encrypted data," Justus said. Abe Singer, who is responsible for computer security for the San Diego Supercomputer Center “SDSC” redirects here. For the Satish Dhawan Space Centre, see Satish Dhawan Space Centre. The San Diego Supercomputer Center (SDSC) is an organized research unit of the University of California, San Diego (UCSD). , said smart attackers can read some encrypted data or find the password to be able to read it, depending on the complexity of the program. "There are strong door locks and weaker door locks," Singer said. "The stronger ones are harder to pick." |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion