Cybersecurity and Consumer Data: What's at Risk for the Consumer? : Hearing Before ... 108th Congress, 1st Session, November 19, 2003

Front Cover
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Other editions - View all

Common terms and phrases

Popular passages

Page 18 - To date, the Commission's security cases have been based on deception,7 which the Commission and the courts have defined as a material representation or omission that is likely to mislead consumers acting reasonably under the circumstances.
Page 21 - As part of its plan, each financial institution must: (1) designate one or more employees to coordinate the safeguards; (2) identify and assess the risks to customer information in each relevant area of the company's operation, and evaluate the effectiveness of the current safeguards for controlling these risks; (3) design and implement a safeguards program, and regularly monitor and test it; (4) hire appropriate service providers and contract with them to implement safeguards; and (5) evaluate and...
Page 1 - HOUSE OF REPRESENTATIVES, COMMITTEE ON ENERGY AND COMMERCE, SUBCOMMITTEE ON COMMERCE, TRADE, AND CONSUMER PROTECTION, Washington, DC. The subcommittee met, pursuant to notice, at 10 am, in room 2322 Rayburn House Office Building, Hon.
Page 21 - Reg. 8,616-41 (Feb. 1, institutions to develop a written information security plan that describes their programs to protect customer information. Given the wide variety of entities covered, the Safeguards Rule requires a plan that accounts for each entity's particular circumstances - its size and complexity, the nature and scope of its activities, and the sensitivity of the customer information it handles.
Page 19 - Commission is not simply saying "gotcha" for security breaches. Although a breach may indicate a problem with a company's security, breaches can happen, as noted above, even when a company has taken every reasonable precaution. In such instances, the breach will not violate the laws that the FTC enforces. Instead, the Commission recognizes that security is an ongoing process of using reasonable and appropriate measures in light of the circumstances. When breaches occur, our staff reviews available...
Page 67 - Internet to our future and the ways we could make the Internet truly useful for people. Over the last year it has become clear that ensuring .NET is a platform for Trustworthy Computing is more important than any other part of our work. If we don't do this, people simply won't be willing — or able — to take advantage of all the other great work we do.
Page 26 - Cyberspace," working with a team of dedicated public servants, this distinguished body and the American public. I have had the privilege of working with committed individuals in the private sector, law enforcement, and government to forge the collaboration and cooperation that is so essential to safeguard cyber space for everyone, from inexperienced home users to large well-run corporate enterprises. I assisted in the formation of some of the first collaborative efforts in the law enforcement community...
Page 18 - Unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce, are declared unlawful.
Page 18 - Commission").1 1 appreciate the opportunity to present the Commission's views on the impact of identity theft on consumers and the importance of information security in preventing identity theft. The Federal Trade Commission has a broad mandate to protect consumers, and controlling identity theft is an important issue of concern to all consumers. The FTC's primary role in combating identity theft derives from the 1998 Identity Theft Assumption and Deterrence Act ("the Identity Theft Act" or "the...
Page 19 - Because appropriate information security practices are necessary to protect consumers' privacy, companies cannot simply wait for a breach to occur before they take action. Particularly when explicit promises are made, companies have a legal obligation to take reasonable steps to guard against reasonably anticipated vulnerabilities. Like Eli Lilly, Microsoft promised consumers that it would keep their information secure. Unlike Lilly, there was no specific security breach that triggered action by...

Bibliographic information