Issue No.03 - May-June (2013 vol.11)
pp: 72-76
Travis Breaux, Carnegie Mellon University
David Gordon, Carnegie Mellon University
ABSTRACT
As new technology challenges our assumptions about security and privacy, lawmakers respond by attempting to curb and avoid the most egregious risks to the public. In this article, the authors examine how emerging US security and privacy laws create new requirements that constrain software development affecting business owners and developers who want to design security and privacy into IT systems.
INDEX TERMS
Legal aspects, Security, Data privacy, Social factors, Public policy, privacy, HIPAA, COPPA, law
CITATION
Travis Breaux, David Gordon, "What engineers should know about US security and privacy law", IEEE Security & Privacy, vol.11, no. 3, pp. 72-76, May-June 2013, doi:10.1109/MSP.2013.74