Shostack + Friends Blog Archive


The hand is quicker than the eye

Arlen Specter and Pat Leahy have proposed the “Personal Data Privacy and Security Act of 2005“. This is a comprehensive proposal, and is opposed big-time by various industry lobbies. As reported in the October 21, 2005 American Banker, this bill has hit a snag, and is languishing in Committee.
Meanwhile, another bill, courtesy of Jeff Sessions (R, Alabama) which should be vastly more palatable to those objecting to the Specter, Leahy proposal, has been voted out of Commitee. Presto, change-o!
A quick excerpt, for those living in states which already have laws providing better protection than that offered by the Sessions proposal:

The provisions of this Act shall supersede any law, rule, or regulation of any State or unit of local government that relates in any way to electronic information security standards or the notification of any resident of the United States of any breach of security pertaining to any collection of personal information about such resident.

These two proposals are interesting reading, and for reasons that go well beyond information security.