California's New Over-hyped Privacy Law Has Giant Loophole
There's been a lot of press lately about California's new law requiring companies to notify consumers when personal information is stolen. This would be a great leap forward if not for the fact that the only information that appears to be protected is the social security number, driver's license number or credit card number.
That means your online brokerage account username and password do not fall into this category. So if someone hacks in and transfers all your money to their account, it's unclear whether they need to tell you since the only information that was lost to the intrusion was a username and password. Other data like medical records or insurance information is likewise not covered.
This widely applauded bill is supposed to be the basis for a broader federal statute to be introduced later this year. Read the text and see if you come to the same conclusion: full text of CA SB 1386. I had to point to the Google cache copy because their link went dead
Followup: rereading this, I think the brokerage account would be covered, although the wording is ambiguous. The other personal information is probably not covered. Good intent. Needs to be more strongly worried or it will not be effective.
Posted by Mark Wednesday, July 23, 2003 1:09:00 AM |