Uber’s Chief Information Security Officer (CISO), John Flynn, made a case for a uniform national data breach notification law in his testimony to members of Congress (see penultimate paragraph of full written testimony):
I would like to conclude by stating that we strongly support a unified, national approach to data security and breach standards. We are proactively engaged in the many conversations in both the technical and policy communities to help identify what the critical components of federal data breach legislation should be, and are pleased to see this robust conversation taking place with various Members of Congress and your staff. We welcome the opportunity to be at the table to help all stakeholders understand the best practices.
If you are a CISO of a company and are interested in participating in this discussion, please considering joining the National Technology Security Coalition (NTSC) in this effort to get an appropriate uniform federal data breach notification law passed. (Disclaimer, I am a member of the NTSC’s Policy Counsel and will be assisting in drafting proposed legislation.)
See these related posts:
- State Data Breach Notification Law Mishmash Would Get Worse With Proposed NC and SD Legislation— Is Instant Notification by Clairvoyant Next?
- National Data Breach Notification Law Proposed by Senate Commerce Committee Members (Includes Jail?)
- National Data Breach Notification Law Pros and Cons? What Do You Think?
Shawn Tuma (@shawnetuma) is an attorney with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Attorney at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.