310:
creation and treatment of subscriber billing. The use of these data is available only up to the end of the period that the bill can be repaid based on the law of
European Union (Article 6 - paragraphs 1-6 ). Regarding the marketing usage of the traffic data for the sale of additional chargeable services, they can be used from the company only if the subscriber gives his/her consent (but, the consent can be withdrawn at every time). Also, the service provider must inform the subscriber or user of the types of traffic data which are processed and of the duration of that based on the above assumptions. Processing of traffic data, in accordance with the above details, must be restricted to persons acting under the authority of providers of the public communications networks and publicly available electronic communications services handling billing or traffic management, customer enquiries, fraud detection, marketing electronic communications services or providing a value added service, and must be restricted to what is necessary for the purposes of such activities.
397:
states like
California publish these data breach notifications on their oag.gov websites. Breaches must be reported if "sensitive personally identifying information has been acquired or is reasonably believed to have been acquired by an unauthorized person, and is reasonably likely to cause substantial harm to the individuals to whom the information relates." This leaves room for some interpretation (will it cause substantial harm?); but breaches of encrypted data need not be reported. Nor must it be reported if data has been obtained or viewed by unauthorized individuals as long as there is no reason to believe they will use the data in harmful ways.
110:
74:
389:
any resident of
California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person." In addition, the law permits delayed notification "if a law enforcement agency determines that it would impede a criminal investigation." The law also requires any entity that licenses such information to notify the owner or licensee of the information of any breach of the security of the data.
33:
291:(DPD), which has recently been replaced with the 2016 General Data Protection Regulation (GDPR), a comprehensive federal data breach notification law. The GDPR offers stronger data protection laws, broader data breach notification laws, and new factors such as the right to data portability. However, certain areas of the data breach notification laws are supplemented by other data security laws.
331:
data leaks quickly result in losing customer trust, brand value, and ultimately profits. An example of this include, after a 2004 data leak, Softbank swiftly lost 107 billion yen and
Benesse Corporation lost 940,000 customers after the data leak. This has resulted in compliance with disclosing data leaks in accordance with the policy.
488:. Identity theft can harm individuals when their personal data is stolen and is used by another party to create financial harm such as withdrawing their money, non financially such as fraudulently claiming their health benefits, and pretending to be them and committing crimes. Based on data collected from 2002 to 2009 from the
327:
illegal transaction, however, there is no specific provision dealing with data breach notification in the APPI. Instead, the
Policies Concerning the Protection of Personal Information, in accordance with the APPI, creates a policy that encourages business operators to disclose data breaches voluntarily.
1035:
Directive 2009/136/EC of the
European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection
454:
Most scholars, like Angela Daly, advocate for federal data breach notification laws emphasize the problem with having varying forms of data breach notification laws. That is, companies are forced to comply with multiple state data breach notification laws. This creates increased difficulty to comply
416:
As of August 2021, there is no federal data breach notification law. The first proposed federal data breach notification law was introduced to
Congress in 2003, but it never exited the Judiciary Committee. Similarly, a number of bills that would establish a national standard for data security breach
396:
to customers, usually in writing. California has since broadened its law to include compromised medical and health insurance information. Where bills differ most is at what level the breach must be reported to the state
Attorney General (usually when it affects 500 or 1000 individuals or more). Some
330:
Kaori Ishii and Taro
Komukai have theorized that the Japanese culture offers a potential explanation for why there is no specific data breach notification law to encourage companies to strengthen data security. The Japanese general public and mass media, in particularly, condemn leaks. Consequently,
204:
to notify their customers and other parties about the breach, as well as take specific steps to remedy the situation based on state legislature. Data breach notification laws have two main goals. The first goal is to allow individuals a chance to mitigate risks against data breaches. The second goal
458:
Advocates of a state-by-state approach to data breach notification laws emphasize increased efficiency, increased incentives to have the local governments increase data security, limited federal funding available due to multiple projects, and lastly states are able to quickly adapt and pass laws to
429:
proposed new legislation to create a national data breach standard that would establish a 30-day notification requirement from the discovery of a breach. This led to
President Obama's 2015 Personal Data Notification & Protection Act (PDNPA) proposal. This would have created federal notification
388:
As related in the bill statement, law requires "a state agency, or a person or business that conducts business in California, that owns or licenses computerized data that includes personal information, as defined, to disclose in specified ways, any breach of the security of the data, as defined, to
509:
Most federal data breach lawsuits share certain characteristics. These include a plaintiff seeking relief from the loss of an identity theft, emotional distress, future losses, and increased risk of future harm; the majority of litigation are private class actions; the defendants are usually large
343:
New Zealand’s Privacy Act 2020 came into force on December 1, 2020, replacing the 1993 act. The act makes notification of privacy breaches mandatory. Organisations receiving and collecting data will now have to report any privacy breach they believe has caused, or is likely to cause, serious harm.
313:
Data breach notification obligations are included in the new Directive on security of network and information systems (NIS Directive). This creates notification requirements on essential services and digital service providers. Among these include immediately notifying the authorities or computer
309:
The traffic data of the subscribers, who use voice and data via a network company, is saved from the company only for operational reasons. However, the traffic data must be deleted when they aren’t necessary anymore, in order to avoid the breaches. However, the traffic data is necessary for the
500:
Overall, data breach notifications leads to decreasing market value, evident in publicly traded companies experiencing a decrease in market valuation. Other costs include loss of consumer confidence and trust in the company, loss of business, decreased productivity, and exposure to third-party
433:
Chlotia Garrison and Clovia Hamilton theorized that a potential reason for the inability to pass a federal law on data breach notifications is states' rights. As of now, all 50 states have varying data breach notification laws. Some are restrictive, while others are broad. While there is not a
326:
In 2015, Japan amended the Act on the Protection of Personal Information (APPI) to combat massive data leaks. Specifically, the massive Benesse Corporation data leak in 2014 where nearly 29 million pieces of private customer information was leaked and sold. This includes new penal sanctions on
266:
Criticism of the data breach notification include: the unjustified exemption of certain entities such as small businesses and the Privacy Commissioner not required to post data breaches in one permanent place to be used as data for future research. In addition, notification obligations are not
407:
Some of the state differences in data breach notification laws include thresholds of harm suffered from data breaches, the need to notify certain law enforcement or consumer credit agencies, broader definitions of personal information, and differences in penalties for non-compliance.
249:
On 2018, Australia Privacy Amendment (Notifiable Data Breaches) Act 2017 went into effect. This amended the Privacy Act 1988 (Cth), which had established a notification system for data breaches involving personal information that lead to harm. Now, entities with existing personal
948:
254:
obligations under the Australian Privacy Act are required to notify the Office of Australian Information Commissioner (OAIC) and affected individuals of all “eligible data breaches.” The amendment is coming off large data breaches experiences in Australia, such as the
475:
Data breaches occur because of technical issues like bad code to economic issues causing competing firm to not cooperate with each other to tackle data security. In response, data breach notification laws attempt to prevent harm to companies and the public.
1074:
Consolidated text: Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic
1038:. Article 2(4)(c) of Directive 2009/136/EC amends Article 4(3-5) of Directive 2002/58/EC. This article deals with the security of processing data, breach notifications, and the obligation of service providers to ensure the protection of personal data.
334:
While proving the Japanese culture makes specific data breach notification laws necessary is difficult to objectively prove, what has been shown is that companies that experience data breach do experience both financial and reputation harm.
455:
with the laws and the costs. In addition, scholars have argued that a state-by-state approach has created the problem of uncompensated victims and inadequate incentives to persuade companies and governments to invest in data security.
1814:
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic
241:(ITRC). It has also impacted millions of people and gained increasing public awareness due to large data breaches such as the October 2017 Equifax breach that exposed almost 146 million individual's personal information.
236:
The rise in data breaches conducted by both countries and individuals is evident and alarming, as the number of reported data breaches has increased from 421 in 2011, to 1,091 in 2016, and 1,579 in 2017 according to the
317:
Similar to US concerns for a state-by-state approach creating increased costs and difficulty complying with all the state laws, the EU's various breach notification requirements in different laws creates concern.
667:
404:
maintains a list of enacted and proposed security breach notification laws. Alabama and South Dakota enacted their data breach notification laws in 2018, making them the final states to do so.
1036:
of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws
501:
liability. Notably, the type of data that is leaked from the breach has varying economic impact. A data breach that leaks sensitive data experiences harsher economic repercussions.
233:(GDPR) and Australia's Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), have added data breach notification laws to combat the increasing occurrences of data breaches.
215:
since 2002. Currently, all 50 states have enacted forms of data breach notification laws. There is no federal data breach notification law, despite previous legislative attempts.
1447:
434:
comprehensive federal law on data breach notifications, some federal laws require notifications of data breaches in certain circumstances. Some notable examples include: the
1280:
1048:
443:
1418:
299:
17:
1802:
1647:"The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reactions for Breached Firms and Internet Security Developers"
731:
1381:
425:. In fact, in 2007, three federal data breach notification laws were proposed, but none passed Congress. In his 2015 State of the Union speech,
120:
46:
1336:
642:
Murciano-Goroff, Raviv (2019). "Do Data Breach Disclosure Laws Increase Firms; Investment in Securing their Digital Infrastructure?".
1693:
401:
786:"More Than a Suspect: An Investigation into the Connection Between Data Breaches, Identity Theft, and Data Breach Notification Laws"
1198:
893:"HACKING: THE NAKED AGE CYBERCRIME, CLAPPER & STANDING, AND THE DEBATE BETWEEN STATE AND FEDERAL DATA BREACH NOTIFICATION LAWS"
1361:
1277:
1786:
1110:
208:
Together, these goals work to minimize consumer harm from data breaches, including impersonation, fraud, and identity theft.
435:
306:
held by telecoms and Internet service providers. This law contains some of the notification obligations for data breaches.
223:
510:
firms or businesses; a mix of common law and statutory causes of action; and lastly most cases settle or are dismissed.
392:
In general, most state laws follow the basic tenets of California's original law: Companies must immediately disclose a
1265:
377:
230:
132:
52:
172:
154:
60:
1844:
1694:"The economic cost of publicly announced information security breaches: empirical evidence from the stock market"
1073:
439:
238:
1382:
https://www.bakerlaw.com/files/uploads/documents/data%20breach%20documents/state_data_breach_statute_form.pdf
380:, was enacted in 2002 and became effective on July 1, 2003. The bill was enacted in reaction to the fear of
1448:"Coalition of 32 State AGs Outline Opposition to Federal Preemption of State Data Breach Notification Laws"
365:
275:
In mid-2017, China adopted a new Cyber security Law, which included data breach notification requirements.
1839:
1829:
1813:
1034:
128:
1298:"The mandatory notification of data breaches: Issues arising for Australian and EU legal developments"
576:"Proving Limits of State Data Breach Notification Laws: Is a Federal Law the Most Adequate Solution?"
368:. As of August 2021, attempts to pass a federal data breach notification law have been unsuccessful.
288:
892:
489:
136:
1097:. IFIP Advances in Information and Communication Technology. Vol. AICT-474. pp. 86–105.
460:
923:
819:
1834:
609:
492:, the use of data breach notification has helped to decrease identity theft by 6.1 percent.
990:"The introduction of data breach notification legislation in Australia: A comparative view"
260:
256:
251:
843:"Private-Sector Attribution of Cyber Incidents: Benefits and Risks to the U.S. Government"
8:
1807:
314:
security incident response teams (CSIRTS) if they experience a significant data breach.
87:
Please help update this article to reflect recent events or newly available information.
1849:
1755:
1674:
1624:
1538:
1248:
1116:
1017:
870:
823:
815:
708:
605:
556:
464:
1596:
1049:"New specific rules for consumers when telecoms personal data is lost or stolen in EU"
1782:
1759:
1747:
1666:
1628:
1616:
1612:
1577:
1542:
1530:
1491:
1317:
1252:
1240:
1180:
1135:
1106:
1009:
904:
874:
862:
827:
807:
700:
597:
548:
1803:
National Conference of State Legislatures table of Security Breach Notification Laws
1678:
1646:
1120:
1021:
712:
1739:
1708:
1662:
1658:
1608:
1569:
1522:
1481:
1309:
1232:
1170:
1098:
1001:
854:
842:
802:
797:
785:
690:
682:
587:
560:
540:
528:
353:
1221:"Personal Data and the GDPR: Providing a Competitive Advantage for U.S. Companies"
858:
686:
592:
575:
544:
1284:
1297:
1102:
989:
1313:
1005:
485:
422:
381:
295:
284:
259:
in 2013 involving thousands of government officials and the data breach of NGO
227:
1510:
1823:
1751:
1692:
Campbell, Katherine; Gordon, Lawrence A.; Loeb, Martin P.; Zhou, Lei (2003).
1670:
1620:
1581:
1534:
1526:
1495:
1321:
1244:
1184:
1091:"A Comparative Legal Study on Data Breaches in Japan, the U.S., and the U.K."
1013:
908:
866:
811:
704:
601:
552:
449:
418:
303:
1712:
426:
218:
These laws were enacted in response to an escalating number of breaches of
1486:
1473:
393:
361:
212:
197:
1727:
1220:
668:"A comparative analysis of the EU GDPR to the US's breach notifications"
1743:
1557:
1337:"CSO Disclosure Series - Data Breach Notification Laws, State By State"
1236:
1175:
1158:
1136:"Data Security and Data Breach Notification for Financial Institutions"
695:
1645:
Cavusoglu, Huseyin; Mishra, Birendra; Raghunathan, Srinivasan (2004).
1573:
1157:
Lending, Claire; Minnick, Kristina; Schorno, Patrick J. (2018-04-02).
529:"Estimating the Contextual Risk of Data Breach: An Empirical Approach"
352:
Data Breach Notification Laws have been enacted in all 50 states, the
1726:
Romanosky, Sasha; Hoffman, David; Acquisti, Alessandro (2014-01-17).
949:"Australia's mandatory Data Breach Notification laws: Are You Ready?"
459:
constantly evolving data breach technologies. In 2018, a majority of
1090:
624:
463:
opposed a proposed federal data breach notification law that would
219:
1393:
1159:"Corporate Governance, Social Responsibility, and Data Breaches"
756:
411:
1556:
Romanosky, Sasha; Telang, Rahul; Acquisti, Alessandro (2011).
430:
guidelines and standards, but it never came out of committee.
847:
International Journal of Intelligence and CounterIntelligence
623:
Acquisti, Alessandro; Friedman, Allan; Telang, Rahul (2006).
440:
Financial Services Modernization Act (Gramm-Leach-Bliley Act)
119:
deal primarily with the United States and do not represent a
1779:
Breached!: Why Data Security Law Fails and How to Improve it
897:
Northwestern Journal of Technology and Intellectual Property
205:
is to promote company incentive to strengthen data security.
357:
1808:
Interactive map comparing U.S. security breach notice laws
1644:
450:
Debate over federal or state data breach notification laws
1478:
Communications of the Association for Information Systems
1199:"Transitioning from Privacy Act 1993 to Privacy Act 2020"
193:
1725:
1558:"Do data breach disclosure laws reduce identity theft?"
1555:
1474:"Challenges to Cybersecurity: Current State of Affairs"
924:"Privacy Amendment (Notifiable Data Breaches) Act 2017"
1691:
622:
263:
releasing 550,000 blood donor's personal information.
1419:"The Personal Data Notification & Protection Act"
1156:
625:"Is there a cost to privacy breaches? An event study"
1595:
Gatzlaff, Kevin M.; McCullough, Kathleen A. (2010).
1295:
1219:
Voss, W. Gregory; Houser, Kimberly A. (2019-05-20).
841:
Romanosky, Sasha; Boudreaux, Benjamin (2020-08-26).
1597:"The Effect of Data Breaches on Shareholder Wealth"
1296:Burdon, Mark; Lane, Bill; von Nessen, Paul (2010).
444:
Health Insurance Portability and Accountability Act
196:that require individuals or entities affected by a
1594:
840:
666:Garrison, Chlotia; Hamilton, Clovia (2019-01-02).
300:Directive on Privacy and Electronic Communications
211:Such laws have been irregularly enacted in all 50
757:"What is GDPR, the EU's new data protection law?"
644:Workshop on the Economics of Information Security
1821:
665:
378:California data security breach notification law
226:. Similarly, multiple other countries, like the
1509:White, Michael D.; Fisher, Christopher (2008).
675:Information & Communications Technology Law
641:
1728:"Empirical Analysis of Data Breach Litigation"
1334:
783:
1776:
298:implemented a breach notification law in the
117:The examples and perspective in this article
1777:Solove, Daniel J.; Hartzog, Woodrow (2022).
1651:International Journal of Electronic Commerce
1088:
412:Federal Data Breach Notification Law History
1511:"Assessing Our Knowledge of Identity Theft"
1508:
1095:Technology and Intimacy: Choice or Coercion
302:(E-Privacy Directive) in 2009, specific to
61:Learn how and when to remove these messages
1218:
1089:Ishii, Kaori; Komukai, Taro (2016-09-07).
726:
724:
722:
1562:Journal of Policy Analysis and Management
1485:
1174:
1133:
890:
801:
736:National Conference of State Legislatures
694:
591:
533:Journal of Management Information Systems
417:notification have been introduced in the
402:National Conference of State Legislatures
173:Learn how and when to remove this message
155:Learn how and when to remove this message
526:
719:
573:
527:Sen, Ravi; Borle, Sharad (2015-04-03).
14:
1822:
1445:
983:
981:
979:
977:
975:
973:
971:
969:
784:Bisogni, Fabio; Asghari, Hadi (2020).
1640:
1638:
1268:, Cal. Civ. Code 1798.82 and 1798.29.
1084:
1082:
886:
884:
1601:Risk Management and Insurance Review
987:
779:
777:
661:
659:
657:
655:
653:
103:
67:
26:
1471:
1362:"AB 1298 Assembly Bill - CHAPTERED"
1335:Scott Berinato (12 February 2008).
966:
732:"Security Breach Notification Laws"
484:A serious harm of data breaches is
224:personally identifiable information
24:
1770:
1732:Journal of Empirical Legal Studies
1635:
1302:Computer Law & Security Review
1079:
994:Computer Law & Security Review
891:Ronaldson, Nicholas (2019-05-01).
881:
504:
495:
479:
231:General Data Protection Regulation
25:
1861:
1796:
1446:Soroka, Saranna (April 8, 2018).
946:
774:
650:
278:
186:Security breach notification laws
42:This article has multiple issues.
18:Security breach notification laws
1613:10.1111/j.1540-6296.2010.01178.x
1140:North Carolina Banking Institute
371:
347:
108:
72:
31:
1719:
1685:
1588:
1549:
1502:
1465:
1439:
1411:
1386:
1375:
1354:
1328:
1289:
1271:
1259:
1212:
1191:
1150:
1127:
1067:
1041:
1028:
940:
915:
50:or discuss these issues on the
1663:10.1080/10864415.2004.11044320
1515:Criminal Justice Policy Review
1134:Honeywill, Sean (2006-03-01).
921:
834:
820:10.5325/jinfopoli.10.2020.0045
803:10.5325/jinfopoli.10.2020.0045
749:
635:
616:
567:
520:
338:
294:Examples of this include, the
239:Identity Theft Resource Center
13:
1:
1225:American Business Law Journal
859:10.1080/08850607.2020.1783877
790:Journal of Information Policy
687:10.1080/13600834.2019.1571473
610:10.5325/jinfopoli.6.2016.0154
593:10.5325/jinfopoli.6.2016.0154
580:Journal of Information Policy
545:10.1080/07421222.2015.1063315
513:
490:U.S. Federal Trade Commission
267:consistent at a state level.
200:, unauthorized access to data
190:data breach notification laws
1701:Journal of Computer Security
1426:Obamawhitehouse.archives.gov
436:Federal Trade Commission Act
244:
7:
1781:. Oxford University Press.
1103:10.1007/978-3-319-44805-3_8
131:, discuss the issue on the
10:
1866:
1314:10.1016/j.clsr.2010.01.006
1006:10.1016/j.clsr.2018.01.005
470:
421:, but none passed in the
289:Data Protection Directive
81:This article needs to be
1527:10.1177/0887403407306297
376:The first such law, the
321:
270:
1845:Information sensitivity
1810:(requires subscription)
574:Bisogni, Fabio (2016).
461:state attorneys general
1713:10.3233/JCS-2003-11308
928:www.legislation.gov.au
1053:Digital Single Market
988:Daly, Angela (2018).
222:databases containing
1487:10.17705/1cais.04302
629:ICIS 2006 Proceeding
354:District of Columbia
261:Australian Red Cross
252:information security
137:create a new article
129:improve this article
1278:SB 1386 Senate Bill
1744:10.1111/jels.12035
1472:Sen, Ravi (2018).
1283:2007-06-13 at the
1237:10.1111/ablj.12139
1176:10.1111/fire.12160
1840:Security breaches
1830:Computer security
1788:978-0-19-094057-7
1574:10.1002/pam.20567
1112:978-3-319-44804-6
1055:. 5 November 2016
183:
182:
175:
165:
164:
157:
139:, as appropriate.
102:
101:
65:
16:(Redirected from
1857:
1792:
1764:
1763:
1723:
1717:
1716:
1698:
1689:
1683:
1682:
1642:
1633:
1632:
1592:
1586:
1585:
1553:
1547:
1546:
1506:
1500:
1499:
1489:
1469:
1463:
1462:
1460:
1458:
1443:
1437:
1436:
1434:
1432:
1423:
1415:
1409:
1408:
1406:
1404:
1390:
1384:
1379:
1373:
1372:
1370:
1368:
1358:
1352:
1351:
1349:
1347:
1332:
1326:
1325:
1293:
1287:
1275:
1269:
1263:
1257:
1256:
1216:
1210:
1209:
1207:
1205:
1195:
1189:
1188:
1178:
1163:Financial Review
1154:
1148:
1147:
1131:
1125:
1124:
1086:
1077:
1071:
1065:
1064:
1062:
1060:
1045:
1039:
1032:
1026:
1025:
985:
964:
963:
961:
959:
944:
938:
937:
935:
934:
919:
913:
912:
888:
879:
878:
838:
832:
831:
805:
781:
772:
771:
769:
768:
753:
747:
746:
744:
742:
728:
717:
716:
698:
672:
663:
648:
647:
639:
633:
632:
620:
614:
613:
595:
571:
565:
564:
524:
178:
171:
160:
153:
149:
146:
140:
112:
111:
104:
97:
94:
88:
76:
75:
68:
57:
35:
34:
27:
21:
1865:
1864:
1860:
1859:
1858:
1856:
1855:
1854:
1820:
1819:
1815:communications)
1799:
1789:
1773:
1771:Further reading
1768:
1767:
1724:
1720:
1696:
1690:
1686:
1643:
1636:
1593:
1589:
1554:
1550:
1507:
1503:
1470:
1466:
1456:
1454:
1444:
1440:
1430:
1428:
1421:
1417:
1416:
1412:
1402:
1400:
1392:
1391:
1387:
1380:
1376:
1366:
1364:
1360:
1359:
1355:
1345:
1343:
1333:
1329:
1294:
1290:
1285:Wayback Machine
1276:
1272:
1264:
1260:
1217:
1213:
1203:
1201:
1197:
1196:
1192:
1155:
1151:
1132:
1128:
1113:
1087:
1080:
1075:communications)
1072:
1068:
1058:
1056:
1047:
1046:
1042:
1033:
1029:
986:
967:
957:
955:
953:Business Aspect
945:
941:
932:
930:
920:
916:
889:
882:
839:
835:
782:
775:
766:
764:
755:
754:
750:
740:
738:
730:
729:
720:
670:
664:
651:
640:
636:
621:
617:
572:
568:
525:
521:
516:
507:
505:Victim response
498:
496:Economic impact
482:
480:Criminal impact
473:
452:
438:(FTC Act), the
427:President Obama
414:
374:
350:
341:
324:
281:
273:
247:
179:
168:
167:
166:
161:
150:
144:
141:
126:
113:
109:
98:
92:
89:
86:
77:
73:
36:
32:
23:
22:
15:
12:
11:
5:
1863:
1853:
1852:
1847:
1842:
1837:
1832:
1818:
1817:
1811:
1805:
1798:
1797:External links
1795:
1794:
1793:
1787:
1772:
1769:
1766:
1765:
1718:
1707:(3): 431–448.
1684:
1634:
1587:
1568:(2): 256–286.
1548:
1501:
1464:
1438:
1410:
1385:
1374:
1353:
1327:
1308:(2): 115–129.
1288:
1270:
1258:
1231:(2): 287–344.
1211:
1190:
1169:(2): 413–455.
1149:
1126:
1111:
1078:
1066:
1040:
1027:
1000:(3): 477–495.
965:
939:
914:
880:
853:(3): 463–493.
833:
773:
748:
718:
649:
634:
615:
566:
539:(2): 314–341.
518:
517:
515:
512:
506:
503:
497:
494:
486:identity theft
481:
478:
472:
469:
451:
448:
423:109th Congress
413:
410:
382:identity theft
373:
370:
366:Virgin Islands
349:
346:
340:
337:
323:
320:
296:European Union
280:
279:European Union
277:
272:
269:
246:
243:
228:European Union
181:
180:
163:
162:
123:of the subject
121:worldwide view
116:
114:
107:
100:
99:
80:
78:
71:
66:
40:
39:
37:
30:
9:
6:
4:
3:
2:
1862:
1851:
1848:
1846:
1843:
1841:
1838:
1836:
1833:
1831:
1828:
1827:
1825:
1816:
1812:
1809:
1806:
1804:
1801:
1800:
1790:
1784:
1780:
1775:
1774:
1761:
1757:
1753:
1749:
1745:
1741:
1738:(1): 74–104.
1737:
1733:
1729:
1722:
1714:
1710:
1706:
1702:
1695:
1688:
1680:
1676:
1672:
1668:
1664:
1660:
1657:(1): 70–104.
1656:
1652:
1648:
1641:
1639:
1630:
1626:
1622:
1618:
1614:
1610:
1606:
1602:
1598:
1591:
1583:
1579:
1575:
1571:
1567:
1563:
1559:
1552:
1544:
1540:
1536:
1532:
1528:
1524:
1520:
1516:
1512:
1505:
1497:
1493:
1488:
1483:
1479:
1475:
1468:
1453:
1449:
1442:
1427:
1420:
1414:
1399:
1395:
1389:
1383:
1378:
1363:
1357:
1342:
1338:
1331:
1323:
1319:
1315:
1311:
1307:
1303:
1299:
1292:
1286:
1282:
1279:
1274:
1267:
1262:
1254:
1250:
1246:
1242:
1238:
1234:
1230:
1226:
1222:
1215:
1200:
1194:
1186:
1182:
1177:
1172:
1168:
1164:
1160:
1153:
1145:
1141:
1137:
1130:
1122:
1118:
1114:
1108:
1104:
1100:
1096:
1092:
1085:
1083:
1076:
1070:
1054:
1050:
1044:
1037:
1031:
1023:
1019:
1015:
1011:
1007:
1003:
999:
995:
991:
984:
982:
980:
978:
976:
974:
972:
970:
954:
950:
947:Green, Paul.
943:
929:
925:
918:
910:
906:
902:
898:
894:
887:
885:
876:
872:
868:
864:
860:
856:
852:
848:
844:
837:
829:
825:
821:
817:
813:
809:
804:
799:
795:
791:
787:
780:
778:
762:
758:
752:
737:
733:
727:
725:
723:
714:
710:
706:
702:
697:
692:
688:
684:
681:(1): 99–114.
680:
676:
669:
662:
660:
658:
656:
654:
645:
638:
630:
626:
619:
611:
607:
603:
599:
594:
589:
585:
581:
577:
570:
562:
558:
554:
550:
546:
542:
538:
534:
530:
523:
519:
511:
502:
493:
491:
487:
477:
468:
466:
462:
456:
447:
445:
441:
437:
431:
428:
424:
420:
419:U.S. Congress
409:
405:
403:
398:
395:
390:
387:
383:
379:
372:The 50 States
369:
367:
363:
359:
355:
348:United States
345:
336:
332:
328:
319:
315:
311:
307:
305:
304:personal data
301:
297:
292:
290:
286:
283:In 1995, the
276:
268:
264:
262:
258:
253:
242:
240:
234:
232:
229:
225:
221:
217:
214:
209:
207:
203:
199:
195:
191:
187:
177:
174:
159:
156:
148:
138:
134:
130:
124:
122:
115:
106:
105:
96:
84:
79:
70:
69:
64:
62:
55:
54:
49:
48:
43:
38:
29:
28:
19:
1835:Computer law
1778:
1735:
1731:
1721:
1704:
1700:
1687:
1654:
1650:
1607:(1): 61–83.
1604:
1600:
1590:
1565:
1561:
1551:
1518:
1514:
1504:
1477:
1467:
1455:. Retrieved
1451:
1441:
1429:. Retrieved
1425:
1413:
1401:. Retrieved
1397:
1388:
1377:
1365:. Retrieved
1356:
1344:. Retrieved
1340:
1330:
1305:
1301:
1291:
1273:
1261:
1228:
1224:
1214:
1202:. Retrieved
1193:
1166:
1162:
1152:
1143:
1139:
1129:
1094:
1069:
1057:. Retrieved
1052:
1043:
1030:
997:
993:
956:. Retrieved
952:
942:
931:. Retrieved
927:
917:
900:
896:
850:
846:
836:
793:
789:
765:. Retrieved
763:. 2018-11-07
760:
751:
739:. Retrieved
735:
678:
674:
643:
637:
628:
618:
583:
579:
569:
536:
532:
522:
508:
499:
483:
474:
467:state laws.
457:
453:
432:
415:
406:
399:
391:
385:
375:
351:
342:
333:
329:
325:
316:
312:
308:
293:
282:
274:
265:
248:
235:
216:
210:
206:
201:
189:
185:
184:
169:
151:
142:
118:
90:
82:
58:
51:
45:
44:Please help
41:
1521:(1): 3–24.
1452:JOLT Digest
1394:"RSA Blogs"
1204:29 November
958:30 November
696:10535/10737
586:: 154–205.
394:data breach
362:Puerto Rico
339:New Zealand
287:passed the
213:U.S. states
198:data breach
1824:Categories
1403:27 January
1341:CSO Online
933:2023-10-29
903:(4): 305.
767:2021-10-25
741:27 January
514:References
442:, and the
257:Yahoo hack
47:improve it
1850:Data laws
1760:155714280
1752:1740-1453
1671:1086-4415
1629:153592982
1621:1098-1616
1582:0276-8739
1543:144958696
1535:0887-4034
1496:1529-3181
1480:: 22–44.
1457:26 August
1322:0267-3649
1253:182271514
1245:0002-7766
1185:0732-8516
1146:(1): 269.
1014:0267-3649
909:1549-8271
875:235636491
867:0885-0607
828:226623656
812:2381-5892
796:: 45–82.
705:1360-0834
602:2158-3897
553:0742-1222
446:(HIPAA).
384:and fraud
245:Australia
145:June 2019
133:talk page
53:talk page
1679:10753015
1281:Archived
1121:41459415
1022:67358435
713:86668452
364:and the
220:consumer
127:You may
93:May 2014
1398:RSA.com
1266:SB 1386
761:GDPR.eu
646:: 1–39.
561:2311182
465:preempt
83:updated
1785:
1758:
1750:
1677:
1669:
1627:
1619:
1580:
1541:
1533:
1494:
1367:11 May
1346:11 May
1320:
1251:
1243:
1183:
1119:
1109:
1059:11 May
1020:
1012:
907:
873:
865:
826:
818:
810:
711:
703:
608:
600:
559:
551:
471:Impact
1756:S2CID
1697:(PDF)
1675:S2CID
1625:S2CID
1539:S2CID
1431:4 May
1422:(PDF)
1249:S2CID
1117:S2CID
1018:S2CID
871:S2CID
824:S2CID
816:JSTOR
709:S2CID
671:(PDF)
606:JSTOR
557:S2CID
322:Japan
271:China
135:, or
1783:ISBN
1748:ISSN
1667:ISSN
1617:ISSN
1578:ISSN
1531:ISSN
1492:ISSN
1459:2021
1433:2018
1405:2019
1369:2016
1348:2016
1318:ISSN
1241:ISSN
1206:2020
1181:ISSN
1107:ISBN
1061:2016
1010:ISSN
960:2020
922:AG.
905:ISSN
863:ISSN
808:ISSN
743:2019
701:ISSN
598:ISSN
549:ISSN
400:The
358:Guam
194:laws
192:are
1740:doi
1709:doi
1659:doi
1609:doi
1570:doi
1523:doi
1482:doi
1310:doi
1233:doi
1171:doi
1099:doi
1002:doi
855:doi
798:doi
691:hdl
683:doi
588:doi
541:doi
188:or
1826::
1754:.
1746:.
1736:11
1734:.
1730:.
1705:11
1703:.
1699:.
1673:.
1665:.
1653:.
1649:.
1637:^
1623:.
1615:.
1605:13
1603:.
1599:.
1576:.
1566:30
1564:.
1560:.
1537:.
1529:.
1519:19
1517:.
1513:.
1490:.
1476:.
1450:.
1424:.
1396:.
1339:.
1316:.
1306:26
1304:.
1300:.
1247:.
1239:.
1229:56
1227:.
1223:.
1179:.
1167:53
1165:.
1161:.
1144:10
1142:.
1138:.
1115:.
1105:.
1093:.
1081:^
1051:.
1016:.
1008:.
998:34
996:.
992:.
968:^
951:.
926:.
901:16
899:.
895:.
883:^
869:.
861:.
851:34
849:.
845:.
822:.
814:.
806:.
794:10
792:.
788:.
776:^
759:.
734:.
721:^
707:.
699:.
689:.
679:28
677:.
673:.
652:^
627:.
604:.
596:.
582:.
578:.
555:.
547:.
537:32
535:.
531:.
360:,
356:,
285:EU
56:.
1791:.
1762:.
1742::
1715:.
1711::
1681:.
1661::
1655:9
1631:.
1611::
1584:.
1572::
1545:.
1525::
1498:.
1484::
1461:.
1435:.
1407:.
1371:.
1350:.
1324:.
1312::
1255:.
1235::
1208:.
1187:.
1173::
1123:.
1101::
1063:.
1024:.
1004::
962:.
936:.
911:.
877:.
857::
830:.
800::
770:.
745:.
715:.
693::
685::
631:.
612:.
590::
584:6
563:.
543::
386:.
202:,
176:)
170:(
158:)
152:(
147:)
143:(
125:.
95:)
91:(
85:.
63:)
59:(
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.