Why It’s Now Time for an Internationally Harmonized Legal Regime for Information Security and Privacy

Vol. 14 No. 3

Charles Cresson Wood (ccwood@ix.netcom.com) is an attorney and an independent information security and privacy consultant based in Mendocino, California. Working in the field for over 35 years, he recently published an article in the Journal of Legislation entitled “Solving the Information Security and Privacy Crisis.” William S. Rogers Jr. (wsrogers@princelobel.com) is chair of Prince Lobel’s Data Privacy and Security Practice in Boston, Massachusetts. He focuses on compliance, risk management, and breach-related regulatory enforcement and civil litigation. Ralph Spencer Poore (rspoore@ralph-s-poore.com) has over 45 years of information security experience, including more than 20 years of applied cryptography. He has written extensively on information security and cryptography.

Recent events provide ample examples of the dramatic and serious damage done by failures associated with the current information security and privacy rulemaking system. Consider that the software VW developed to defeat smog emissions testing, arguably a computer crime of multinational proportions, went undetected for six years.1 On another note, a large region in the Ukraine with 230,000 affected people was plunged into an electrical blackout via a sophisticated power grid sabotage attack perpetrated by hackers, an attack that disabled not only the existing grid but also grid backup systems.2 Also consider that a nation-state (allegedly North Korea) attacked a major corporation (Sony Pictures); the attack was so devastating to information security and privacy systems that management at the victimized firm were left communicating only with traditional landline telephone systems and paper memos.3 While many other recent examples could be cited, it is clear that current information security and privacy losses are spiraling out of control, and the applicable laws and regulations and the supporting infrastructure (such as law enforcement) are collectively failing to control these mounting and often devastating losses.

Premium Content for:

  • ABA Section of Science and Technology Law Members
Join Now

Already a member? Log In


Advertisement

  • About The SciTech Lawyer

  • Subscriptions

  • Contact Us

  • More Information