From: BankInfoSecurity.com
Attorneys Say Lack of U.S. Legislation Fuels Regulatory Action
By Jeffrey Roman
The failure to pass national privacy legislation in the U.S. hasn’t stopped regulatory agencies from taking matters into their own hands – a pattern that will continue throughout 2013, says a panel of attorneys.
“In the U.S., progress and actually getting to legislation that’s going to pass has been anemic,” says attorney David Navetta during a roundtable discussion on legal trends with Information Security Media Group [transcript below].
“What I do see, though, goes back to the regulators taking action and putting out guidance documents,” he says. “The biggest area where you’re actually finding legal obligations starting to arise is coming out of the regulatory side of the equation, not the legislative side.”
Attorney Lisa Sotto echoes Navetta’s observations, saying regulators and individual states have taken the lead in the enforcement landscape. “The states are very active now,” she says. “Not only is the FTC enormously active, but state [attorney generals] also are seeing this as an area where they want to play in a big way.”
In part two of a five-part series of roundtable discussions, the attorneys talk about:
- Top privacy trends for 2013;
- Key global privacy initiatives, particularly in the EU;
- What the U.S. must do to keep pace.
About the participants:
Lisa Sotto is managing partner for New York-based law firm Hunton & Williams, where she focuses on privacy, data security and information management issues. She has earned a No. 1 U.S. national ranking for privacy and data security from Chambers and Partners.
David Navetta is co-founder of the Information Law Group and co-chairman of the American Bar Association’s Information Security Committee. He has been a keen observer of information security-related litigation, including financial fraud and state privacy laws.
Ronald Raether is partner at Faruki Ireland & Cox in Dayton, Ohio. His experience with technology-related issues spans an array of legal areas, including patent; antitrust; licensing and contracts; employment; trademark; domain name disputes; and federal and state privacy statutes.
The remaining installments of this series focus on:
- The legal merits of ‘hack back’;
- Fraud litigation trends;
- Breach response best-practices;
- Top security/privacy issues of 2013.
Today’s Top Privacy Threats
TOM FIELD: Lisa, what do you see as today’s biggest threats to privacy?
LISA SOTTO: Not to harp on the same thing, but the question really does call for a similar response, and that’s: Security vulnerabilities remain the biggest threat to privacy. If we think about privacy as the appropriate use of data, we can’t even get to that question unless we can be sure that the data is appropriately safeguarded and that the integrity of data is remaining intact. We have perpetrators who really are criminals, specifically targeting people’s data, seeking to commit identity theft and account fraud. I think that theme will certainly be continued in the mobile arena.
Leave a Reply