Proving Limits of State Data Breach Notification Laws: Is a Federal Law the Most Adequate Solution?

F. Bisogni

Research output: Contribution to journalArticleScientificpeer-review

14 Downloads (Pure)

Abstract

This article investigates the adequateness of data breach notification laws and the possible impact of a federal law in the United States. Based on the analysis of 445 notifications issued in 2014, three observations for law development are presented. First, the question about underreporting is raised and a possible option for facilitating its emergence is proposed. Second, the specification of the dates of the breach detection and of the breach itself are identified as essential to foster consumers’ reaction. Finally, a stricter regulation of the content of the notification is suggested to avoid firms minimizing the actual risk.
Original languageEnglish
Pages (from-to)154-205
JournalJournal of Information Policy
Volume6
DOIs
Publication statusPublished - 2016

Keywords

  • Data breaches
  • Data breach notification laws
  • identity theft
  • Notification

Fingerprint Dive into the research topics of 'Proving Limits of State Data Breach Notification Laws: Is a Federal Law the Most Adequate Solution?'. Together they form a unique fingerprint.

Cite this