Language Selection

English French German Italian Portuguese Spanish

Senate moves toward new data security rules

Filed under
Security

In a flurry of activity before Congress prepares to skip town for an August recess, three different congressional committees considered similar legislation at the same time on Thursday morning.

The Senate's Commerce Committee voted unanimously to accept a bill introduced earlier this month by Sen. Gordon Smith, R-Ore. It would give the Federal Trade Commission the power to create an information security program that provides "administrative, technical and physical safeguards," and set guidelines for notifying people threatened by a data security breach.

The committee adopted a package of about a dozen amendments, including a compromise suggested by Sen. Barbara Boxer, D-Calif., that would cut, from 90 days to 45 days, the maximum number of days a company has to notify individuals of a breach. But even those guidelines are just broad suggestions, Smith said. "As soon as they know, they need to notify."

Senators also voted to accept an amendment proposed by Sen. Bill Nelson, D-Fla.--which would prohibit the sale and display of Social Security numbers except in special circumstances--but indicated it might be tweaked before it is final. Also, the bill will not go to a floor vote until some of its provisions are negotiated with members of the Senate Banking Committee, said Sen. Ted Stevens, R-Alaska, who chairs the Commerce Committee.

Meanwhile, the Senate Judiciary Committee pushed back its plans Thursday to vote on a trio of personal data security bills.

The committee had been scheduled to vote on the lengthiest and most far-reaching proposal, titled the Personal Data Privacy and Security Act. Sen. Arlen Specter, R-Penn., and Sen. Patrick Leahy, D-Vt., introduced the measure in late June, shortly after MasterCard announced that an intruder may have pilfered information from 40 million credit card accounts.

At the same time on Thursday, a U.S. House of Representatives Energy and Commerce subcommittee convened a hearing about its own draft of data protection legislation.

Full Story.

More in Tux Machines

Linux Foundation and Free Software Foundation Europe

Lessons learned from the failure of Ubuntu Touch

With the death of yet another open source/free software/Linux-based mobile platform, Ubuntu Touch, clearly it is time for us to sit down and have a frank discussion about what we in the free software world can reasonably accomplish in a mobile platform. One of the biggest issues—if not THE biggest issue—with Ubuntu Touch was that it simply had goals that were far too aggressive to reasonably achieve. It suffered from the all-too-common malady known in software development as feature creep. Read more

City Cloud gets Ubuntu Certified

European Infrastructure as a Service (IaaS) provider City Network, has joined the Ubuntu Certified Public Cloud (CPC) programme. This is the second very big European win for Ubuntu after it signed up OVH earlier this month. As an Ubuntu CPC partner, City Cloud will no longer need to create, curate, patch and maintain Ubuntu images. This will all be done by Ubuntu who will then provide them to City Network. Read more

Open-spec networking Mini-ITX has 1, 2.5, and 10 GbE ports

SolidRun’s “Marvell MacchiatoBIN” is a $349, Mini-ITX networking SBC that runs Linux 4.4 on Marvell’s quad -A72 Armada 8040, and supports ODP, OFP, and NFV. SolidRun, which is known for its NXP i.MX6 based HummingBoard SBCs and Marvell Armada 38x based ClearFog Pro and scaled down ClearFog Base networking boards, has spun a $349 (and up) Marvell MacchiatoBIN SBC that showcases Marvell’s high-end Armada 8040 SoC. The 170 x 170mm “community” Mini-ITX board ships with schematics and layout files, and offers an open source, mainline Linux 4.4x BSP. Read more