Data Privacy and Security Law

The Oxford Handbook of Cyber Security Pub Date : 2021-11-04 DOI:10.1093/oxfordhb/9780198800682.013.20

F. Cate, Rachel Dockery

{"title":"Data Privacy and Security Law","authors":"F. Cate, Rachel Dockery","doi":"10.1093/oxfordhb/9780198800682.013.20","DOIUrl":null,"url":null,"abstract":"This chapter discusses cybersecurity laws. Many measures employed to enhance cybersecurity pose a risk to privacy. In addition, data protection laws focus only on personally identifiable information, while cybersecurity is also concerned with securing economic data such as trade secrets and company databases, government information, and the systems that transmit and process information. As a practical matter, despite the prominence of security obligations in data protection legislation, these were often downplayed or ignored entirely until recent years. Only as cybersecurity threats became more pressing did regulators begin actively enforcing the security obligations found in most data protection laws. More recently, legislative bodies and regulators have begun adopting cybersecurity-specific obligations. However, even these have often mirrored or been combined with privacy protections, sometimes to the detriment of effective cybersecurity. The chapter describes major categories of cybersecurity law, including unfair or deceptive practices legislation, breach notification laws, and data destruction laws. It also considers the new focus on critical infrastructure and information sharing, the China Cybersecurity Law, and the new challenges to data privacy and security law.","PeriodicalId":336846,"journal":{"name":"The Oxford Handbook of Cyber Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Oxford Handbook of Cyber Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1093/oxfordhb/9780198800682.013.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

This chapter discusses cybersecurity laws. Many measures employed to enhance cybersecurity pose a risk to privacy. In addition, data protection laws focus only on personally identifiable information, while cybersecurity is also concerned with securing economic data such as trade secrets and company databases, government information, and the systems that transmit and process information. As a practical matter, despite the prominence of security obligations in data protection legislation, these were often downplayed or ignored entirely until recent years. Only as cybersecurity threats became more pressing did regulators begin actively enforcing the security obligations found in most data protection laws. More recently, legislative bodies and regulators have begun adopting cybersecurity-specific obligations. However, even these have often mirrored or been combined with privacy protections, sometimes to the detriment of effective cybersecurity. The chapter describes major categories of cybersecurity law, including unfair or deceptive practices legislation, breach notification laws, and data destruction laws. It also considers the new focus on critical infrastructure and information sharing, the China Cybersecurity Law, and the new challenges to data privacy and security law.

查看原文本刊更多论文

数据隐私和安全法

本章讨论网络安全法律。许多用于加强网络安全的措施对隐私构成了风险。此外，数据保护法只关注个人身份信息，而网络安全也涉及保护经济数据，如商业秘密和公司数据库、政府信息以及传输和处理信息的系统。作为一个实际问题，尽管安全义务在数据保护立法中占有突出地位，但直到最近几年，这些义务往往被淡化或完全忽视。只有在网络安全威胁变得更加紧迫的情况下，监管机构才开始积极执行大多数数据保护法中规定的安全义务。最近，立法机构和监管机构已经开始采取网络安全的具体义务。然而，即使是这些措施也经常与隐私保护相对应或相结合，有时会损害有效的网络安全。本章介绍了网络安全法的主要类别，包括不公平或欺诈行为立法、违规通知法和数据销毁法。它还考虑了关键基础设施和信息共享的新焦点，中国网络安全法，以及数据隐私和安全法的新挑战。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

The Oxford Handbook of Cyber Security

自引率

0.00%

发文量