Sony and Epsilon back national data breach standard
“Epsilon fully supports national legislation that would create a uniform standard for data breach notification,” said Jeanette Fitzgerald, general counsel for Epsilon Data Management.
“The current patchwork of individual state breach notification laws only serves to create confusion among consumers and businesses, and imposes unnecessary compliance costs.
A uniform national law, on the other hand, would provide predictability and equity for consumers, regardless of their state of residence, and would make it much easier and less costly for business to ensure any applicable notification requirements are met,” she added.
Sony Network Entertainment International president Tim Schaaff agreed that a national law would be extremely helpful and estimated the recent attack that brought down Sony’s PlayStation Network would ultimately cost the firm roughly $170 million.
Schaaff noted that small businesses face more attacks than their corporate counterparts and are less equipped to respond to large breaches. He also defended Sony’s delay of almost a week before notifying customers of the breach via email, arguing the firm first had to ascertain what data had been taken.