The Cybersecurity Act of 2012 is a Senate bill in the US, likely to be voted on this week. After watching how fast SOPA/PIPA became a distant memory (6 months ago), and now seeing new legislation in the same year, I am left wondering, “Who do you hold accountable for cybersecurity?” So, this post is not about the legislation involved in the bill. It is about “why bills like this keep showing up” and “who is accountable”.

Truth be told, you can pass 1000 laws and it still won't stop people from doing what they want to do, if they are vigilant enough (especially if they see nothing wrong with what they are doing). This is the reasoning behind why private businesses monitor activity on their own websites to protect their business. Every website does it. They have to do it, and to think otherwise is choosing to be naive, because those extreme cases of one person’s behavior can destroy the reputation of a business.

So… why the fear and why more legislation? If you read this article from Forbes, it seems to come down to “right to privacy”, or even more so, evidence of possible crimes obtained without a warrant. When it comes to running a business, more security means more cost. Let’s throw the cards on the table…

Who would you hold accountable for handling the security of your activity online?

  • The business’ terms of service agreement
  • The law created by the US Government

Sounds like an argument that has come up many times throughout history. My concern is always the same:

  • “How does someone create laws meant to protect civil liberties and make people accountable, while being highly ill-informed as to how and what is being protected, and based only on fear of what could happen with no substantial proof it will?” (i.e. show some street creds)
  • “Will certain laws lead people into a false sense of security?”

What do you think?