Much Ado About Notification: Does the Rush to Pass State-Level Data Security Regulations Benefit Consumers: Difference between revisions

From Cybersecurity Wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 5: Line 5:
==Full Citation==
==Full Citation==


Thomas M. Lenard and Paul H. Rubin, ''Much Ado About Notification: Does the Rush to Pass State-Level Data Security Regulations Benefit Consumers?'', Regulation, Vol. 29, No. 1 (2006).  [http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID898208_code614152.pdf?abstractid=898208&mirid=1 ''Web''] [http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=&startkey=Lenard_Rubin:2006&f=wikibiblio.bib ''BibTeX''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=898208# ''SSRN'']
Thomas M. Lenard and Paul H. Rubin, ''Much Ado About Notification: Does the Rush to Pass State-Level Data Security Regulations Benefit Consumers?'', Regulation, Vol. 29, No. 1 (2006).   
 
[http://www.cato.org/pubs/regulation/regv29n1/v29n1-5.pdf ''Web'']  
 
[http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=&startkey=Lenard_Rubin:2006&f=wikibiblio.bib ''BibTeX'']  
 
[http://papers.ssrn.com/sol3/papers.cfm?abstract_id=898208# ''SSRN'']


==Categorization==
==Categorization==
Line 17: Line 23:
==Synopsis==
==Synopsis==


Data security breaches have received considerable public attention of late, and have prompted several states to mandate that firms whose data may have been compromised to notify their customers of the security breaches. This study finds that the costs of a notification requirement are likely to be substantially higher than the benefits. Even for consumers whose data have been compromised, the probability of being a victim of fraud is so low - only 2 percent - that little action is justified. Overall, we estimate that the expected benefits of mandatory notification are very small - less than $10 per compromised individual.  
Data security breaches have received considerable public attention of late, and have prompted several states to mandate that firms whose data may have been compromised to notify their customers of the security breaches. This study finds that the costs of a notification requirement are likely to be substantially higher than the benefits. Even for consumers whose data have been compromised, the probability of being a victim of fraud is so low - only 2 percent - that little action is justified. Overall, the authors estimate that the expected benefits of mandatory notification are very small - less than $10 per compromised individual.  


==Additional Notes and Highlights==
==Additional Notes and Highlights==


'' * Outline key points of interest
'' * Outline key points of interest

Latest revision as of 10:05, 4 June 2010

Full Title of Reference

Much Ado About Notification: Does the Rush to Pass State-Level Data Security Regulations Benefit Consumers?

Full Citation

Thomas M. Lenard and Paul H. Rubin, Much Ado About Notification: Does the Rush to Pass State-Level Data Security Regulations Benefit Consumers?, Regulation, Vol. 29, No. 1 (2006).

Web

BibTeX

SSRN

Categorization

Issues: Information Sharing/Disclosure

Key Words

Data security breaches

Synopsis

Data security breaches have received considerable public attention of late, and have prompted several states to mandate that firms whose data may have been compromised to notify their customers of the security breaches. This study finds that the costs of a notification requirement are likely to be substantially higher than the benefits. Even for consumers whose data have been compromised, the probability of being a victim of fraud is so low - only 2 percent - that little action is justified. Overall, the authors estimate that the expected benefits of mandatory notification are very small - less than $10 per compromised individual.

Additional Notes and Highlights

* Outline key points of interest