• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » Cyber Security Legislation

Cyber Security Legislation

Cyber security legislation exists at the Federal and State level, with State level legislation being more restrictive than Federal regulations. The applicable Federal programs are the CAN-SPAM Act, USA Patriot Act (USAPA), Children’s Online Privacy Act, Fair Credit Reporting Act, Freedom of Information Act and the Gramm-Leach-Billey Act. While all of these acts are considered “Cyber Security” regulations, the two most relevant ones are the Patriot and the Gramm-Leach-Billey Acts.

The Patriot Act of 2001 broadened the scope of electronic surveillance before the Patriot Act electronic surveillance was a tool to be used only against foreign intelligence gathering. The USAPA was widened so that probable foreign surveillance is no longer the only requirement for surveillance. Now, electronic surveillance can be used even in purely criminal cases where it is not probable that intelligence gathering is occurring. It also allowed for up to a year of surveillance without a warrant.

Before the authorization and renewal of USAPA police were required to get a warrant to wiretap or trace someone. This required a panel of Federal judge’s approval. Now all that is required is proof that the data that would be found through this trace would be relevant to the investigation in some way. While this tap would not necessarily include recordings of the conversations, it does include meta-data such as who was called and for how long.

This becomes a cyber security issue with electronic communications. With telecommunications, it is easy to separate the meta-data from the conversation, but with an email this is more difficult. The send and receive addresses are part of an email. To extract the sender data from an email a federal agent would have to have access to the entire email.

While the USAPA does not give unrestricted access to content, only metadata, it is easy to see where the potential for abuse arrives. If an investigator has to see the email to get the sender data they’re looking for, the only thing stopping them from looking at the rest of the email is the good will of the officer who’s doing it. Even a purely electronic system of extracting this sort of data would have to view the contents of the email, which would violate the privacy of the sender.

The Gramm-Leach-Billey Act primarily pertains to the safeguarding of financial data, such as loans and mortgages. It requires that “financial institutions” comply with certain minimal electronic safeguards, or face fines and other punishments. The term “financial institution” covers more than just banks however, it also includes courier services, property appraisers, non-bank lenders and anyone else “significantly engaged in providing financial services or products.”

The Gramm-Leach-Billy act has several requirements that must be met by any business that falls under it. They must: identify risks and assess them; create, maintain and regularly test a cybersecurity program; select service providers who maintain their own cybersecurity program; designate at least one employee to coordinate their cyber security and information security programs; they must keep their program up to date with new or evolving circumstances.

Federal cyber security guidelines are less restrictive than state guidelines, as state legislation can only ever increase regulation not remove it. As part of an ongoing series, AskCyberSecurity.com will look into and layout how various regulations at the Federal and State level can affect you and your business.

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Vaccines for Sale on Dark Web Marketplaces

Cyber Information Systems Security Manager 2

Google Says Advertisers Don’t Need to Track Individual Across the Web

Malaysia Airlines Reports Data Breach

Intelligence Manager – Emerging Threats

IPVanish

IPVanish VPN

Cyber Security News

Vaccines for Sale on Dark Web Marketplaces

… [Read More...] about Vaccines for Sale on Dark Web Marketplaces

Google Says Advertisers Don’t Need to Track Individual Across the Web

… [Read More...] about Google Says Advertisers Don’t Need to Track Individual Across the Web

Malaysia Airlines Reports Data Breach

… [Read More...] about Malaysia Airlines Reports Data Breach

Email Scam Impersonates Your HR Department

… [Read More...] about Email Scam Impersonates Your HR Department

More Cyber Security News

Tags

amazon Android app Apple bitcoin China chrome CISA credit card Cyber Attack DHS Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware Romance Scam Russia smartphone tax scam TikTok tutorial VPN WhatsApp WiFi Windows

Government

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

Texas DOT Hit by Ransomware Attack

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2021 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version