Section 8.3

Security Breach Notification Laws in the U.S.

Laws requiring companies to notify affected parties if data records are compromised, lost, or stolen. Their goal is transparency and protection of individuals.

Computer Professionals for Social Responsibility (CPSR)

A global organization promoting the responsible use of technology through education and advocacy for ethical computing.

Federal Communications Commission (FCC)

An independent U.S. government agency that regulates communications by radio, television, wire, satellite, and cable.

Institute for Telecommunication Sciences (ITS)

The research and engineering laboratory of the National Telecommunications and Information Administration (NTIA). It develops advanced telecommunications and information infrastructure in the U.S.

National Institute of Standards and Technology (NIST)

A U.S. agency that promotes reliable, usable, interoperable, and secure systems, advancing measurement science and developing standards for emerging IT.

National Security Agency (NSA)

Protects U.S. vital data and networks, including confidential Department of Defense resources, military operations, and infrastructure like the power grid.

Computer Fraud and Abuse Act (CFAA)

A U.S. anti-hacking law that prohibits intentionally accessing a computer without authorization or exceeding authorized access.

Electronic Communications Privacy Act (ECPA)

A law protecting private communications, making it illegal for ISPs to share client communication data without consent.

Communication Assistance for Law Enforcement Act (CALEA)

Requires U.S. telecommunications carriers to modify equipment to accommodate lawful surveillance by law enforcement.

Anticybersquatting Consumer Protection Act

Protects U.S. organizations from unauthorized purchase of domain names that are identical or confusingly similar to trademarked names.

Federal Information Security Management Act (FISMA)

Requires each U.S. federal agency to develop, document, and implement a comprehensive information security program.

Health Insurance Portability and Accountability Act (HIPAA)

Provides federal protections for personal health information (PHI) and gives patients rights regarding their health data.

Section 508 of the Rehabilitation Act

Ensures U.S. federal government's IT and communications systems are accessible to persons with disabilities.

Family Educational Rights and Privacy Act (FERPA)

Grants students rights over their educational records and prevents institutions from sharing student data without consent.

Computer Matching and Privacy Protection Act

Requires written agreements between agencies before sharing data for matching programs.

Digital Millennium Copyright Act (DMCA)

A U.S. law specifying rights of copyright owners and users of digital media, especially online, prohibiting unauthorized distribution or circumvention of copyright protections.