In 2005, 20 different states and the City of New York followed California's lead and passed laws seeking to require entities collecting or storing personally identifiable information to notify the subjects of the information if that information allows unauthorized third parties access to that information. There are now 21 different state laws on the subject, many with very different requirements. Federal legislation is hoped for, but passage of broadly preemptive federal legislation is far from certain. This book provides comprehensive guidance to all 21 state (and one local) legislative efforts at breach notification statutes, categorizes the various aspects of such statutes and specifically describes how each different state deals with each aspect. It points out the similarities and differences of each state law. The approach is simply a detailed summary of each different legislative scheme.

When polluted air mixes with rain, snow, and fog, acid precipitation forms. This acidity has caused people to worry about the environment. Another concern is its effect on historic buildings and monuments. This booklet focuses on acid rain and its impact on our Nation¿s capital. In 1997, rain in Washington, D.C., had an average acidity of 4.2, about as acid as a carbonated drink and more than 10 times as acid as clean, unpolluted rain. This booklet defines acid rain, explains what effects it has on marble and limestone buildings, and shows, on a walking tour, some of the places in our Nation¿s capital where you can see the impact of acid precipitation. Includes a Glossary of Geologic and Architectural Terms and a map. Color photos.

Security breach notification laws have been enacted in most U.S. states since 2002. These laws were enacted in response to an escalating number of breaches of consumer databases containing personally identifiable information. The first such law, the California data security breach notification law, Cal. Civ. Code 1798.82 and 1798.29, was enacted in 2002 and became effective on July 1, 2003. As related in the bill statement, law requires ""a state agency, or a person or business that conducts business in California, that owns or licenses computerized data that includes personal information, as defined, to disclose in specified ways, any breach of the security of the data, as defined, to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person."" In addition the law permits delayed notification ""if a law enforcement agency determines that it would impede a criminal investigation."" The law also requires any entity that licenses such information to notify the owner or licensee of the information of any breach in the security of the data. In general, most state laws follow the basic tenets of California's original law: Companies must immediately disclose a data breach to customers, usually in writing. The European Union implemented a breach notification law in the Directive on Privacy and Electronic Communications (E-Privacy Directive) in 2009. This directive has to implemented by national law until 25 May 2011. This book is your ultimate resource for Data Breach Notification Laws. Here you will find the most up-to-date information, analysis, background and everything you need to know. In easy to read chapters, with extensive references and links to get you to know all there is to know about Data Breach Notification Laws right away, covering: Security breach notification laws, Directive on Privacy and Electronic Communications, Personally identifiable information, Computer security, Portal: Computer security, 2009 Sidekick data loss, AAFID, Absolute Manage, Accelops, Acceptable use policy, Access token, Advanced Persistent Threat, Air gap (networking), Ambient authority, Anomaly-based intrusion detection system, Application firewall, Application security, Asset (computer security), Attack (computer), AutoRun, Blacklist (computing), Blue Cube Security, BlueHat, Centurion guard, Client honeypot, Cloud computing security, Collaboration-oriented architecture, Committee on National Security Systems, Computer Law and Security Report, Computer security compromised by hardware failure, Computer security incident management, Computer security model, Computer surveillance, Confused deputy problem, Consensus audit guidelines, Countermeasure (computer), CPU modes, Cracking of wireless networks, Crackme, Cross-site printing, CryptoRights Foundation, CVSS, Control system security, Cyber security standards, Cyber spying, Cyber Storm Exercise, Cyber Storm II, Cyberconfidence, Cyberheist, Dancing pigs, Data breach, Data loss prevention software, Data validation, Digital self-defense, Dolev-Yao model, DREAD: Risk assessment model, Dynamic SSL, Economics of security, Enterprise information security architecture, Entrust, Evasion (network security), Event data, Event Management Processes, as defined by IT IL, Federal Desktop Core Configuration, Federal Information Security Management Act of 2002, Flaw hypothesis methodology, Footprinting, Forward anonymity, Four Horsemen of the Infocalypse, Fragmented distribution attack, Higgins project, High Assurance Guard, Host Based Security System, Host Proof Storage...and much more This book explains in-depth the real drivers and workings of Data Breach Notification Laws. It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Data Breach Notification Laws with the objectivity of experienced professionals.

Against a backdrop of annual data breaches compromising approximately one billion global records and an average data breach cost of nearly six billion dollars, the absence of clear US federal strategy for data breach notification and security requirements threatens both consumer privacy and business contracting efficiency. Fifty-one US states and territories have created data breach notification and other statutes, creating a range of statutory requirements for businesses, from strict to flexible. Prevailing and trending state statutes provide an opportunity to create a common federal US data breach notification statute, and by leveraging state statutory language in its text, a federal statute could improve security for consumers and efficiency for business while reflecting local attitudes regarding data breach notification and data protection.

Security breaches involving electronic personal data have come to light largely as a result of the California Security Breach Notification Act, a California notification law that went into effect in 2003. In response, the states and some Members have introduced bills that would require companies to notify persons affected by such security breaches. By December 2005, 35 states had introduced data security legislation and 22 states had enacted data security laws.