theprof00 said:
Without Sony or Epsilon present, much of the hearing focused on potential data protection legislation that would create some kind of process for auditing a company's data security measures to make sure they conform to best practices. Breach notification rules were also discussed, and the Federal Trade Commission pushed for Congress to give it civil penalty authority to go after companies that lose data through carelessness; in the last 10 years, the FTC has brought cases against 34 such companies, though it is currently limited in the penalties it can seek.
So currently, no legislation exists, and they discussed what laws should be made. Looks like Sony is scot-free for this case. |
What about those cases? Are they government related only now?
