Amendment: Violation of ToS Should Not Be a Crime 74
Khyber writes "Three data and security breach notification bills have been approved by the Senate Judiciary Committee, one of which includes an amendment that adds clarity with regards to the Computer Fraud and Abuse Act. These three bills would require businesses to develop data privacy and security plans, and it would set a federal standard for notifying individuals of breaches of very sensitive personally identifiable information, such as credit card information or medical records. This clarification is welcomed, making the statute more focused towards hackers and identity thieves, instead of consumers that run afoul of ToS or AUPs of websites and service providers."
Go further, please. (Score:4, Informative)
It's good if they're requiring data privacy plans, but they should also develop some minimal requirements for what those plans say. How many stories to we get every week about someone's EULA claiming they have the right to sell your GPS data, or a corporation taking over another's assets and claiming that it is not held to the privacy agreements that data was collected under?