About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline

27 Santa Clara Computer & High Tech. L. J. 63 (2011)
Contextualizing the Tensions and Weaknesses of Information Privacy and Data Breach Notification Laws

handle is hein.journals/sccj27 and id is 65 raw text is: CONTEXTUALIZING THE TENSIONS AND
WEAKNESSES OF INFORMATION PRIVACY AND
DATA BREACH NOTIFICATION LAWS
Mark Burdont
Abstract
Data breach notification laws have detailed numerous failures
relating to the protection of personal information that have blighted
both corporate and governmental institutions. There are obvious
parallels between data breach notification and information privacy
law as they both involve the protection of personal information.
However, a closer examination of both laws reveals conceptual
diferences that give rise to vertical tensions between each law and
shared horizontal weaknesses within both laws. Tensions emanate
from conflicting approaches to the implementation of information
privacy law that results in different regimes and the implementation
of different types of protections. Shared weaknesses arise from an
overt focus on specified types ofpersonal information which results in
'one size fits all' legal remedies. The author contends that a greater
contextual approach which promotes the importance of social context
is required and highlights the effect that contextualization could have
on both laws.
I. INTRODUCTION
Data breach notification laws appear to have been a successful
addition to legal frameworks relating to the protection of personal
information. For example, as a result of these laws, numerous
information security failings have been reported that have affected
both corporate and governmental institutions.' They have uncovered a
major social problem that has the capacity to affect millions of
t  PhD Candidate/Research Associate, Faculty of Law/Information Security Institute,
Queensland University of Technology. The author gratefully acknowledges funding from
Australian Research Council Grant DPO879015 'A new legal framework for identifying and
reporting Australian data breaches.'
1. See,  e.g.,  Open  Security  Foundation,  Periodic  PDF  Reports,
http://datalossdb.org/reports tlast visited Sept. 10, 2010) (detailing the numerous data breaches
that have been notified since the inception of US state-based notification laws).

63

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Contact us for annual subscription options:

Already a HeinOnline Subscriber?

profiles profiles most