Morning Security Brief: Lawmakers Cut Budget, Companies Testify on Data Theft, and Law Criminalizes Password Sharing
House passes reduced homeland security budget, companies testify on data breach incidents, and a new Tennessee law makes sharing passwords illegal.
♦ The House of Representatives has approved the 2012 appropriations bill (H.R. 2017) for the Department of Homeland Security. According to the Associated Press , the $42 billion budget approved by the Republican-led House was $1 billion less that the Obama Administration requested. Some of the cuts include port and transit security grants and money for high-risk cities. The bill includes an additional $10 million for cell phone towers along the U.S. border with Mexico and additional $2 million in funds for disaster relief. However, the House refused to fund a $76 million request for 275 additional full body scanners to be used at airports.
♦ The federal government should mandate data breach requirements for companies. This was the conclusion reached by witnesses testifying before the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing, and Trade. Designed to illicit information about the recent high-profile data breaches at Sony and Epsilon, Subcommittee Chair Mary Bono Mack (R-CA) asked representatives from both companies to comment on the incidents and discuss the usefulness of federal regulation. Jeanette Fitzgerald, general counsel for Epsilon Data Management told the subcommittee that her company supports a federal law and would consider it an improvement over the existing environment—a patchwork of 45 different state laws. President of Sony Network Entertainment International Tim Schaaff agreed that a single law would be helpful, but he warned that it should require companies to provide useful information. Lawmakers should be cautious because issuing “vague or speculative statements” would “either confuse and panic people, without giving them useful facts, or bombard them with so many announcements that they become background noise.”
♦ Tennessee Governor Bill Haslam has approved a new law (formerly S.B. 1659) that will make it illegal to share log-in information such as usernames and passwords. As reported by CNET News , even family members who share log-in information to Internet subscription services could be guilty of theft under the new law. Those found guilty of stealing $500 worth of content by using another person’s log-in information could face up to a year in jail and a $2,500 fine. Under the law, only the subscription service providers can press charges against would-be thieves.