ElcomSoft always have yet another pair of eyes for your privacy… 
Archive for the ‘Did you know that...?’ Category
It was Data Privacy Day… our warmest congratulations!
Friday, January 29th, 2010Encryption and decryption from security law perspective (Part II)
Friday, July 3rd, 2009In my previous post I suggested several variants of computer security translated by different laws. Now I’d like to get to ciphers…again viewed by law.
So, how does the law see encryption and decryption issues through glasses of security standard? First of all, it says there simply should be encryption/decryption tools available.
ENCRYTION AND DECRYPTION (A) – § 164.312(a)(2)(iv)
Where this implementation specification is a reasonable and appropriate safeguard for a covered entity, the covered entity must:
“Implement a mechanism to encrypt and decrypt electronic protected health information.”
Reasonable, appropriate, adequate…security (Part I)
Tuesday, June 30th, 2009Most laws define security obligations as reasonable, appropriate, suitable, necessary, adequate etc. without giving more precise directives to follow. Is it good or bad? And what should be known about these standards?
Let’s see what major security standards say about recommended security measures.
The U.S. statutes on password related crimes – overview by states
Thursday, June 18th, 2009In this entry I’d like to suggest a kind of a list of various legal decisions on password [ab]use I could find on the web. Your add-ins are welcome, just put in any other acts you know…
Georgia Computer Systems Protection Act
(e) Computer Password Disclosure. Any person who discloses a number, code, password, or other means of access to a computer or computer network knowing that such disclosure is without authority and which results in damages (including the fair market value of any services used and victim expenditure) to the owner of the computer or computer network in excess of $500.00 shall be guilty of the crime of computer password disclosure.