- Journal Archives
- Volume 17
- Volume 16
- Volume 15
- Volume 14
- Volume 13
- Volume 12
- Volume 11
- Volume 10
- Volume 9
- Volume 8
- Volume 7
- Volume 6
- Volume 5
- Volume 4
- Volume 3
- Volume 2
- Volume 1
Cybercrime rates are rising. That part you probably knew. What you may not have known is that Congress is attempting to heighten public companies’ disclosure requirements for cyber security breaches. In October 2011, the SEC released guidance for cyber security reports intended to encourage companies to report “material risks” of concern to investors. However, the guidance is exactly as it sounds: guidance. Companies are currently not required to comply.
With hackers growing bolder in their target selection (previously infallible companies like Visa and MasterCard have recently been victims of cyber crime), Congress seeks to ensure that investors are aware of how cyber security risks affect companies’ bottom line. The financial repercussions of these breaches can be staggering: a UK company recently sustained $1.5 billion in revenue losses.
Thus, Senator Jay Rockefeller has added a measure to pending cyber security legislation requiring the SEC to clearly articulate when companies must disclose both security breaches and the procedure companies implement to protect their networks against further break-ins.
Just how effective these new requirements, if passed, will be is unclear. The consequences of cyber breaches are clear: dozens of Fortune 500 companies have lost or had exposed valuable information through cyber theft, including intellectual property, bank account information, pharmaceutical companies’ patient records, and internal legal documents, to name a few. Hackers, however, are increasingly difficult to identify, and the techniques they use are nearly impossible to anticipate. Therefore, Senator Rockefeller’s proposal will likely do little to reduce investors’ risk. In reality, if companies are required to over-report, investors will refrain from investing, thereby negatively impacting the economy.
The reality is that as hackers expand their expertise, investors are increasingly familiarizing themselves with the weaknesses of the Internet-based society in which we live. The reality is that cyber crime is not new. The Millennials, many of whom are currently entering the ranks of investors, have grown up knowing that online information storage is not necessarily as safe as we would prefer. In choosing to make use of and invest in these products, we account for the risks associated with such technology. Therefore, while updating cyber security legislation to require companies to account for data breaches will be informative, its utility is arguably restricted to the older generations still largely unacquainted with the openness of the Internet. As this population continues to age, these investors will increasingly be replaced by more tech-savvy investors that are more comfortable with the risks associated with companies’ Internet usage. Meanwhile, disclosure may unnecessarily compromise companies’ ability to generate revenue through investments. Consequently, while commendable, Senator Rockefeller’s amendments may be more harm than help.
– Swathi Padmanabhan
Recent Blog Posts
- The Vanderbilt Journal of Entertainment & Technology Law Jumps Thirty-One Spots to Highest Ranking Ever
- Hiding Behind the Computer Screen: James Woods Files Defamation Lawsuit Against a Twitter User
- Let’s Enjoy Fantasy Football…While We Can
- Guest Post: Tweeting Away Patient Privacy
- Naturally Occurring or Mind-made?
- Does China’s 2022 Winter Olympics Song Intentionally Plagiarized ‘Frozen’s’ ‘Let It Go’?
Tagsadvertising antitrust Apple books career celebrities contracts copyright copyright infringement courts creative content criminal law entertainment Facebook FCC film/television financial First Amendment games Google government intellectual property internet JETLaw journalism lawsuits legislation media medicine Monday Morning JETLawg music NFL patents privacy progress publicity rights radio social networking sports Supreme Court of the United States (SCOTUS) technology telecommunications trademarks Twitter U.S. Constitution