Language Selection

English French German Italian Portuguese Spanish

Senate moves toward new data security rules

Filed under
Security

In a flurry of activity before Congress prepares to skip town for an August recess, three different congressional committees considered similar legislation at the same time on Thursday morning.

The Senate's Commerce Committee voted unanimously to accept a bill introduced earlier this month by Sen. Gordon Smith, R-Ore. It would give the Federal Trade Commission the power to create an information security program that provides "administrative, technical and physical safeguards," and set guidelines for notifying people threatened by a data security breach.

The committee adopted a package of about a dozen amendments, including a compromise suggested by Sen. Barbara Boxer, D-Calif., that would cut, from 90 days to 45 days, the maximum number of days a company has to notify individuals of a breach. But even those guidelines are just broad suggestions, Smith said. "As soon as they know, they need to notify."

Senators also voted to accept an amendment proposed by Sen. Bill Nelson, D-Fla.--which would prohibit the sale and display of Social Security numbers except in special circumstances--but indicated it might be tweaked before it is final. Also, the bill will not go to a floor vote until some of its provisions are negotiated with members of the Senate Banking Committee, said Sen. Ted Stevens, R-Alaska, who chairs the Commerce Committee.

Meanwhile, the Senate Judiciary Committee pushed back its plans Thursday to vote on a trio of personal data security bills.

The committee had been scheduled to vote on the lengthiest and most far-reaching proposal, titled the Personal Data Privacy and Security Act. Sen. Arlen Specter, R-Penn., and Sen. Patrick Leahy, D-Vt., introduced the measure in late June, shortly after MasterCard announced that an intruder may have pilfered information from 40 million credit card accounts.

At the same time on Thursday, a U.S. House of Representatives Energy and Commerce subcommittee convened a hearing about its own draft of data protection legislation.

Full Story.

More in Tux Machines

And now for some good news... How open source triumphed over Microsoft Office in Italy

Microsoft Office may have a global monopoly, but one Italian region rejected it flat out. But, why? In the stunningly beautiful Italian region of Umbria, you'll feel more at home running open source software, rather than the clunky and expensive Microsoft Office suite. Read more

Red Hat, Chilean government hold talks on open source initiative

The head of Chilean regulator Pedro Huichalaf agreed to pass information regarding the benefits of open source software to the ministerial committee for digital development Read more

IT teams are choosing open source - but not just for the cost savings

IT decision makers are increasingly turning to open source over proprietary software because they believe it offers them better business continuity and control Read more

Patent Troll Kills Open Source Project On Speeding Up The Computation Of Erasure Codes

Via James Bessen, we learn of how a patent trolling operation by StreamScale has resulted in an open source project completely shutting down, despite the fact that the patent in question (US Patent 8,683,296 for an "Accelerated erasure coding system and method") is almost certainly ineligible for patent protection as an abstract idea, following the Supreme Court's Alice ruling and plenty of prior art. Erasure codes are used regularly today in cloud computing data storage and are considered to be rather important. Not surprisingly, companies and lawyers are starting to pop out of the woodwork to claim patents on key pieces. I won't pretend to understand the fundamental details of erasure codes, but the link above provides all the details. It goes through the specific claims in the patents, breaking down what they actually say (basically an erasure code on a computer using SIMD instructions), and how that's clearly an abstract idea and thus not patent-eligible. Read more