laws – SSL and internet security news

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

March 15, 2022 infossl

cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »

Me on App Store Monopolies and Security

February 1, 2022 infossl

apple, cybersecurity, laws, monoculture, privacy, Security technology, Uncategorized

There are two bills working their way through Congress that would force companies like Apple to allow competitive app stores. Apple hates this, since it would break its monopoly, and it’s making a variety of security arguments to bolster its argument. I have written a rebuttal: I would like to address some of the unfounded … Read More “Me on App Store Monopolies and Security” »

The Problem with Treating Data as a Commodity

February 26, 2021 infossl

data protection, laws, privacy, reports, Security technology, Uncategorized

Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not … Read More “The Problem with Treating Data as a Commodity” »

Virginia Data Privacy Law

February 18, 2021 infossl

courts, data protection, laws, privacy, Security technology, Uncategorized

Virginia is about to get a data privacy law, modeled on California’s law. Powered by WPeMatico

Another California Data Privacy Law

May 11, 2020 infossl

dataprotection, laws, privacy, Security technology, surveillance

The California Consumer Privacy Act is a lesson in missed opportunities. It was passed in haste, to stop a ballot initiative that would have been even more restrictive: In September 2017, Alastair Mactaggart and Mary Ross proposed a statewide ballot initiative entitled the “California Consumer Privacy Act.” Ballot initiatives are a process under California law … Read More “Another California Data Privacy Law” »

Cybersecurity Law Casebook

March 9, 2020 infossl

courts, cybersecurity, laws, Security technology

Robert Chesney teaches cybersecurity at the University of Texas School of Law. He recently published a fantastic casebook, which is a good source for anyone studying this. Powered by WPeMatico

Securing the Internet of Things through Class-Action Lawsuits

February 27, 2020 infossl

courts, internetofthings, laws, publicinterest, Security technology

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT. It proposes proactive class action litigation against manufacturers of unsafe and unsecured IoT devices … Read More “Securing the Internet of Things through Class-Action Lawsuits” »

Modern Mass Surveillance: Identify, Correlate, Discriminate

January 27, 2020 infossl

cameras, essays, facerecognition, identification, lawenforcement, laws, privacy, Security technology, smartphones, surveillance

Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban may follow). In December, San Diego suspended a facial recognition program in advance of a new … Read More “Modern Mass Surveillance: Identify, Correlate, Discriminate” »

How Privacy Laws Hurt Defendants

August 2, 2019 infossl

academicpapers, courts, lawenforcement, laws, privacy, Security technology

Rebecca Wexler has an interesting op-ed about an inadvertent harm that privacy laws can cause: while law enforcement can often access third-party data to aid in prosecution, the accused don’t have the same level of access to aid in their defense: The proposed privacy laws would make this situation worse. Lawmakers may not have set … Read More “How Privacy Laws Hurt Defendants” »

The Importance of Protecting Cybersecurity Whistleblowers

June 3, 2019 infossl

breaches, courts, cybersecurity, disclosure, laws, Security technology, whistleblowers

Interesting essay arguing that we need better legislation to protect cybersecurity whistleblowers. Congress should act to protect cybersecurity whistleblowers because information security has never been so important, or so challenging. In the wake of a barrage of shocking revelations about data breaches and companies mishandling of customer data, a bipartisan consensus has emerged in support … Read More “The Importance of Protecting Cybersecurity Whistleblowers” »