Printer Friendly

SEC's data breach probe of Yahoo could set precedent.

According to LegalTechNews. com and the Wall Street Journal, the Securities and Exchange Commission (SEC) is investigating whether Yahoo Inc. should have disclosed its data breaches to investors earlier. Any resulting penalties would be the agency's first ever for such a charge.

The SEC is checking whether Yahoo broke securities laws when it waited until 2016 to disclose the two breaches, which together compromised the data of more than a billion users. The incidents occurred in August 2013 and in late 2014.

Last September, U.S. Sen. Mark Warner (D-Va.) wrote to former SEC Chair Mary Jo White asking her to investigate.

Robert Cattanach of Dorsey & Whitney in Minneapolis, which represents companies in cybersecurity matters, said it can take weeks or months to gather enough information about a breach and the data that was compromised to disclose an incident accurately.

"I can promise you that there are so many different open questions when you are in the middle of one of these [data breaches], your head is just swimming," he said. "So the fact that [Yahoo] waited a while before [disclosing] is in many ways understandable, but from the SEC perspective: you don't get forever."

Craig Newman of Patterson Belknap Webb & Tyler in New York, which represents clients in financial and cybersecurity matters, said companies are in a tough spot because "they don't want to jeopardize law enforcement efforts, they don't want to jeopardize investigations, but at the same time, securities laws require them to be transparent with their own investors."

According to Newman, SEC guidance on disclosures provides no direction on how long companies should take. Most states have data breach laws that include a time frame, some giving companies 45 days to disclose.

Yahoo declined to comment on this particular SEC investigation.

COPYRIGHT 2017 Association of Records Managers & Administrators (ARMA)
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2017 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:CYBERSECURITY
Publication:Information Management Journal
Date:Mar 1, 2017
Previous Article:Internet Titans will team to detect terrorist content.
Next Article:The next frontier for RIM Pros.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters