Shostack + Friends Blog Archive


Nelson-Smith Data Protection Bill

Kim Zetter reports in Wired, Bill Strives to Protect Privacy

Another bill introduced in the Senate judiciary committee about two weeks ago addresses some of the same issues in a comprehensive way, and several other bills address individual issues, such as notification to consumers. The commerce bill, however, is likely to go the distance because it has bipartisan support and was introduced in the committee that oversees the Federal Trade Commission, which is responsible for monitoring the activities of credit-reporting agencies as well as enforcing fraud legislation and tracking ID theft. The commerce bill could be amended to include wording from other ID-theft bills when it goes to markup next Thursday.

No, not because it’s better, but because of Senate maneuverings. Oh, and Nelson-Smith gives companies the ability to determine if they want to shoot themselves in the foot their security failure should be reported. Watch for the first company that gets it wrong to be left twisting slowly in the wind like Arthur Anderson or Enron.