stars...@mindspring.com (Lizette Koehler) writes: > PCI has to do with Payments for Credit Cards and their security.
PCI was somewhat in response to the cal. state data breach discloser (and later other states) legislation. we were tangentially involved being, brought in to help wordsmith the cal. state electronic signature legislation ... some past posts http://www.garlic.com/~lynn/subpubkey.html#signature some of the electronic signature participants were also heavily into privacy issues and had done detailed privacy surveys ... #1 issue kept coming up "identity theft" of the kind involving fraudulent transactions from data breaches of one sort or another (skimming, evesdropping, database compromise; etc ... involving account number harvesting). little or nothing appeared to being done about such activity and they hoped that the publicity from data breach notifications might prompt countermeasures ... in addition to providing victims the opportunities to do something. part of the issues was that the owners of the large databases/data-streams ... that had the breaches ... wouldn't be the victims of the fraudulent financial transactions. in any case, since the passage of the cal. legislation there have been numerous federal data breach notification bills introduced (none yet passing), about equally divided between those with similar notification requirements and those that would eliminate requirement for notification (in some cases, partially justified on industry actions like PCI). a couple long-winded recent posts going into related issues of broken paradigm http://www.garlic.com/~lynn/2012b.html#70 Four Sources of Trust, Crypto Not Scaling http://www.garlic.com/~lynn/2012b.html#71 Password shortcomings http://www.garlic.com/~lynn/2012b.html#94 public key, encryption and trust -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN