Personal data security law takes effect
[December 31, 2005]


(Chicago Tribune (KRT) Via Thomson Dialog NewsEdge) Dec. 31--A law requiring businesses to promptly notify customers of security breaches involving their personal information takes effect Sunday in Illinois, one of a growing number of states trying to curb identity theft.



But data security observers see several shortcomings in such laws, including that they could be difficult to enforce or could backfire for some consumers.

The Illinois legislature passed the Personal Information Protection Act last May, making it the second state, after California, to require companies to promptly alert consumers of security breaches involving their personal information, Susan Hofer, spokeswoman for the Illinois Department of Financial and Professional Regulation, said Friday.



Gov. Rod Blagojevich signed the legislation in June, and the law takes effect Sunday.

Nearly 20 other states have passed so-called "breach notification" laws, according to the Public Interest Research Group.

Illinois' measure was inspired by a 2004 incident in which Georgia-based ChoicePoint sold the personal information of more than 145,000 people, including 5,000 Illinois residents, to identity thieves posing as legitimate businesses. Even after ChoicePoint caught on to the breach, consumers were not notified until months later, in response to a California law requiring the disclosure of security breaches of personal information, according to Blagojevich's office.

The Illinois law "can help individuals take steps to protect their assets and identities before thieves wreak havoc on their credit," Blagojevich said in a statement after signing the bill.

The law does not specify exactly how quickly consumers must be notified if data is lost or stolen, but generally says data collectors must notify consumers "without unreasonable delay" after learning of a security breach.

"Prior to this law, there were no requirements for companies to notify individuals about possible security issues," Hofer said.

But one privacy and data protection lawyer said a federal law also is needed because state laws vary so widely.

"A company that does business in a lot of states may have problems," said Chris Wolf, chairman of the privacy and data security group of law firm Proskauer Rose. "It's like trying to play a game of Whack-a-Mole to try to comply with different laws" absent federal legislation.

The Illinois Bankers Association, however, doesn't seem to think the new notification law will be onerous.

"In the case of banks, they have pretty much followed that anyway," said association spokeswoman Debbie Jemison. "It's not going to be a huge difference."

Also taking effect in Illinois Sunday is a law allowing victims of identity theft to place a freeze on their credit report, preventing its release to any party without their consent.

That law "looks decent--no fee for placing the freeze or lifting it, reasonable time limits on when the credit bureau has to respond," said Beth McConnell, director of the public interest group in Pennsylvania. However, "it could have been stronger by allowing any consumer to freeze their report as a preventive measure, not just ID theft victims."

But Proskauer's Wolf said the notification law will likely lead to companies ringing alarm bells when consumers needn't be worried. In response, consumers might put a security freeze on their credit accounts, protecting them from misuse but also making it tougher to legitimately use credit and open new accounts, he said.

One identity fraud detection service said such laws do little to prevent the growth in identity theft.

"There are so many ways of using identity information," said Terrence DeFranco, chief executive officer of Edentify Inc., a publicly traded Bethlehem, Pa.-based identity management firm. "If you're the perpetrator you can skate around the alert."

States might be better off putting some of the burden on, say, banks to do a better job of screening who's applying for a credit card, DeFranco said.

byerak@tribune.com.
