[EAS]Knowing You Got Hacked

pjk pjk at design.eng.yale.edu
Mon Jun 30 23:40:02 EDT 2003


Subject:   Knowing You Got Hacked

(from NewsScan Daily, 30 June 2003)

BILL WOULD MANDATE NOTIFICATION OF PERSONAL DATA HACKS
Legislation introduced by Sen. Dianne Feinstein (D-Calif.) would
require  businesses and government agencies to notify consumers when
hackers break into corporate computer systems and steal their
personal data, such as  social security numbers and credit card
information. The stipulations of  the bill are in direct conflict
with efforts by the Bush administration to  keep such details hidden
from the public, in the hope that hacking victims  will notify the
FBI and other government agencies when such incidents occur. The
FBI director and some top U.S. prosecutors told technology 
executives recently that they will increasingly work to keep the
secret the names of companies that fall victim to major hacking
attacks. Consumer groups praised Feinstein's proposed legislation:
"It's a really important  step forward," said Chris Hoofnagle,
deputy counsel at the Electronic  Privacy Information Center.
"Individuals do not have this right to notice now." (AP/CNN.com 30
Jun 2003)
http://www.cnn.com/2003/TECH/biztech/06/30/hacker.bill.ap/index.html
--------------------------------------------------------------------
This is worth speaking up about to your legislators in Washington.
You probably recall earlier mailings on this list about the fast
growing indentity theft problem, e.g.
<http://jove.eng.yale.edu/pipermail/eas-info/2001/000382.html>.

Often you may already have been alerted to a need to prompt your
legislators about your concerns by, e.g.
<http://www.truemajority.com/> or <http://www.aclu.org/> or other
advocacy organizations of your choice, though I haven't heard from
any such in this instance. In that case you can either see if
topical advocacy groups offer a convenient channel,
<http://www.epic.org/> for privacy in this case, or you can look up
contact information for your elected officials in Washington (or
locally) at sites such as Project Vote Smart
<http://www.vote-smart.org/>, and then email (not very effective),
fax (better) or write (best) to them. Vote Smart also has
legislators' voting records and other useful information.

And if you want to see the details of such new bills, I refer you to
the THOMAS database <http://thomas.loc.gov/>. A simple keyword
search on "feinstein consumers personal data" within bills of the
108th Congress, i.e. <http://thomas.loc.gov/home/c108query.html>
will quickly lead you to Senator Feinstein's bill [S.223] at
<http://thomas.loc.gov/cgi-bin/query/D?c108:1:./temp/~c108Uu5qx9::>.

   --PJK




More information about the EAS-INFO mailing list