California may join Minnesota and, possibly, New Jersey as one of the very first states to enact a law holding merchants responsible for the cost of notifying consumers in the event a security breach results in a compromise of personal information. On June 26, the California Senate Judiciary Committee passed A.B. 779 by a 3-2 vote.

A.B. 779 was proposed in response to the wide ranging security breaches at the TJX Companies Inc., which affected more than 46 million credit and debit card holders. The proposed law would allow businesses required to notify individuals of data breaches to seek reimbursement from the third party responsible for the breach of all "reasonable and actual costs," including the cost of providing notice, and replacing their credit or debit cards. The law is receiving strong opposition from a coalition of 30 groups and businesses representing retailers, financial institutions, information technology companies, marketers, and others.

In May of this year, Minnesota became the first and currently only state to have enacted a similar merchant breach liability law. New Jersey is currently considering a similar data breach liability bill.

Drafting Toolbox: Developing a Fair Use Policy

Employees are constantly copying materials they find in journals, newspapers, and, of course, online. With few exceptions, all of those materials are copyrighted. If the materials are accompanied by information relating to the owner of the copyright and additional terms and conditions regarding use of the materials, removal of that information may subject the user to substantial civil and criminal penalties under the Digital Millennium Copyright Act. Given the potential for copyright infringement and other claims, businesses are adopting fair use policies to reduce the potential for liability resulting from these activities. An example of a basic policy is attached.

 

Click  HERE   to download a copy of the Fair Usage Policy

Blog News

The following are recent topics discussed in my blog on Chief Security Officer Magazine’s Website:

• Newton’s Laws of Motion for Information Security
• Server Memory Subject to Search
• The Care and Feeding of Forensic Experts

In The Press/Useful Links:

The following hyperlinks lead to articles you may find useful:

Univ. of California hit with proposed 3M fine for Los Alamos breach

European task force lists RFID privacy threats

Software Testing Best Practices

Public and Private Entities Face Challenges in Addressing Cyber Threats

 

Michael R. Overly, Esq., CISSP, ISSMP
Foley & Lardner LLP
2029 Century Park East
35th Floor
Los Angeles, California 90067-3021
Telephone: 310-277-2223
Facsimile: 310-557-8475

© Copyright 2007 Foley & Lardner LLP

The information reported should not be construed as legal advice, nor utilized to resolve legal problems.

If you believe you are receiving this email in error or you do not wish to receive further communication, please send an e-mail to me at the above address.

If you know of someone who would like to be added to our mailing list for this update, please send their name to me at the above address.