http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9001477

And the scariest thing noted,

or "even bar individuals from working in their respective industries,"

--TH13

--TH13

"even bar individuals from working in their respective industries,"

I don't see that as being in the least bit scary, in fact it is quite normal, at least over here...........if you are a lawyer, doctor, dentist, accountant, veterinary or other professional and you screw up, you can expect to be barred by your profession and no longer allowed to practice. Military, and it is reduced to the ranks or a dishonourable discharge?

We just need to add impeachment for elected representatives and a firing squad for civil servants and everything will be fine :D

//We have a definition for civil servants over here:

"Civil to no man and servant to the devil"........... and that goes back to the AWI and George III :D

On a more serious note, I think that we need to look at the "small print" of these proposals a bit more closely?

Theres no such thing as small print. :)
In some ways I think this is a good idea, and in others a bad one. What could be the underlying motive for this?

What could be the underlying motive for this?

Well it seems to be backed by both parties. Maybe just trying to restore confidence in the old two party system. There have been quite a few "leaks" recently, and all the elected politicians will be eager to make out that it is not their fault and they are "doing something about it"?

That is why I warned about looking at the legislation carefully, it could be a "knee jerk" reaction, and that produces the worst.

Also, any time legislators mention fines, you wonder about the severity of the fine and how much that gets passed back onto the consumers, no sense in telling them it will cost you such and such in fines if all they have to do is recoup those losses through other means...(reduction in labor force, tax loopholes, increased fees, etc).

I believe the thought of serious time behind bars, will probably be the most effective deterrent...and as nihil mentioned the fear of not being able to practise anywhere else should be a motivator as well.

But just like in Canada, if you lose your license to practise in Newfoundland (Lawyer for example) you can always move to another province, I believe this is pretty much the same in the States?

Only serious problem I can see there is getting somebody to take responsibility for a data loss. Unless they were clearly identified before hand as being the person whos job it is to ensure data security, everybody will try to pass the buck. The least political minded person could end up getting shafted simply because they didn't see it coming and didn't try to pass the buck.

qwertyman66

If you look at most of the recent data leakages, they have happened because individuals have broken or circumvented "the rules"

So:

1. Determine your security policy and processes that comply.
2. Have that compliance independently audited and verified.
3. Apply that policy
4. Enforce that policy
5. Get everything in writing ;) and get them to sign up on a regular basis

With the VETs thing, it seems the guy had written permissions, but they dated back to 2002 :eek:

Any exceptions should be on a "needs to" basis and have a very clear expiry date!

More useless legislation echoing what is already law.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=275802#post906610) by RoadClosed
More useless legislation echoing what is already law.
Yeah, or weaken existing laws (ie.; California disclosure law).

There are already at least 10 other pieces of legislation pending before Congress...
Man is that scary in itself....if these all get passed (and they wont I doubt) than you could see a complicated web of legislation where some laws weaken others and some contradict others. What a mess. :(

Excuse me folks whilst I go and get my Prime Ministerial/Presidential crayon set :rolleyes:

1. There is the Law
2. There is Law Enforcement

Without #1, #2 is irrelevant.

Without #2, #1 is irrelevant.

I am sorry folks, but that is how it works............. so producing masses of new legislation with no enforcement policy and mechanism is a waste of time IMO.

:)

No argument there Nihil. In modern times a lot of laws are passed just to sort of appease a certain group of voters. They are almost never enforceable. But no one will stand up and say, this is completely ludacris. These are fluff. Get out of congress. Go back to your bath house, farm, coffee shop, art gallery, ranch, home or where ever the hell you come from. In many cases it is a mansion full of servents and a private jet parked at the airport.

side issue

As I, and a few other members here on AO, were affected by the VA incident, I started doing more research and found out the that 3 major credit reporting agencies have no laws governing the accuracy of their reporting! So if you are/were affected by fraud and it gets to those agencies - they just put it up on your record - without verification or checking to see if it was fraud. I checked with the agencies some time ago, and they had 3 different aliases for my name and when questioned how this could be, they replied "we accept input from various organizations" when questioned about verification, I got white noise. :eek: So an enforceable law here would be a good start as well... you know what - I'm going to contact my State rep on this now!

/side issue