« Previous post | Home | Next post »
One year later, California identity theft law remains low-key
The regulation hasn't spurred predicted lawsuits but has increased awareness
Nearly a year after California's landmark SB 1386 identity theft law went into effect, there has been none of the troublesome litigation that had been predicted to come in its wake.
But the law has raised overall corporate awareness of the need to have strong privacy protections in place, legal experts said last week.
SB 1386, which went into effect July 1 last year, requires companies that do business with California residents to inform customers when their names, in combination with personally identifiable information, have been accessed by an unauthorized person (see story). Some legal experts had expected the law to open a floodgate of trouble, especially because of the ambiguous nature of some of its provisions.
For instance, the law calls for companies to encrypt data but doesn't specify what level of encryption is considered legally acceptable. Similarly, the law isn't specific about the obligations of the IT organization, mandating only that companies notify customers when "it is reasonably believed" that personal information has been compromised.
FULL STORY from COMPUTERWORLD [pop up]
Category: Business Tips
Posted on June 16, 2004 at 01:08 PM | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83452034a69e200d8355adf1469e2
Listed below are links to weblogs that reference One year later, California identity theft law remains low-key:
