Cybersecurity Laws That You Should Be Aware Of

Cybersecurity Laws

Most of our time today is spent on the internet. Whether it is learning how to bake a loaf of bread, playing an intense Dota match, or watching movies, it is through the wonder that the internet is. It would not be wrong to say that our life has become more happening online than it is offline. Every minute millions of U.S. citizens use their social media profiles to express their moods, routines, likes, dislikes, and whatnot. Social media has become a great part of our lives and most people do not feel complete without sharing everything about them on their profiles which is fun till it is not.

Thousands of malicious and illegal companies are working endlessly to figure out your personal information in order to malign you personally, professionally, and/or financially. With the increase of internet usage, there has been an increase in cybercrimes as well. Clark School of the University of Maryland has found that a cyberattack occurs almost 2,244 times a day which is every 0.65 minute. There are a lot of ways through which you can secure yourself on the internet, the easiest is to be aware and cautious of everything you do on the internet. You can also install a good security suite for endless online protection, however, if you subscribe to Spectrum bundle deals, you can avail complimentary security suite and reliable connection at all times.

Whatever steps you take to protect your online identity and integrity, it is also important to be aware of the laws that regulate the cyber world. It is reported that the government of the United States spends almost 19 billion USD on cybersecurity per year. Albeit such extensive spending, cybercrimes have been on the rise since ever.

Which activities are criminalized by law?

Cybersecurity laws have made the following activities illegal and punishable:

  • Computer hacking
  • Corporate espionage
  • Identity theft
  • Economic espionage
  • Illegal gathering of confidential information
  • Criminal infringement of copyright
  • Unauthorized publication
  • Sexual exploitation of children
  • Spreading fake news
  • Defacing internet sites
  • Breaking into computer systems: accessing, editing, and deleting unauthorized data
  • Overflowing, irrelevant net traffic making websites unavailable for genuine users

MAJOR FEDERAL CYBERSECURITY LAWS

Following are the laws and regulations concerning cybersecurity that you should be aware of, for your internet safety and protection.

Health Insurance Portability and Accountability Act (HIPAA) [1996]

Signed by President Bill Clinton and enacted in 1996, HIPAA applies to organizations like hospitals, clinics, insurance companies, etc. with access to confidential medical information. This law states that medical institutions have to fulfill the standards of the sharing and storing of information.

Before this law was passed, there were no standards for the protection of confidential medical data. This is the first law of cybersecurity in the healthcare industry, and in today’s world it includes cloud storage methods, therefore every recordkeeping process that involves storing EHRs and EMRs in the cloud has to be compliant with this law. For more on this, visit: https://duplocloud.com/blog/hipaa-compliant-cloud-storage/

Gramm-Leach-Bliley Act (GLBA) [1999]

Signed in 1999 and called as Financial Services Modernization Act of 1999, this law requires financial firms to be transparent about how they store and secure their client’s private data. This law has defined standards for the protection of the financial information of people. It focuses on who should have access to the financial records and how these records should be stored and collected.

Homeland Security Act [2002]

Signed by President George W. Bush in 2002, Homeland Security Act included Federal Information Security Management Act (FISMA) as well. The law was introduced after several terrorist acts like the bombing of the World Trade Center. FISMA includes aspects of cybersecurity in the act.

Cybersecurity Information Sharing Act [CISA]

Passed in 2015, the objective of this law is to advance the levels of cybersecurity in the country through improved distribution of information and awareness about cybersecurity threats. This law, further, allows the transference of information about internet traffic between manufacture and technology companies and the government of the United States.

Cybersecurity Enhancement Act [2014]

Signed in 2014, this law provides a voluntary, ongoing private-public partnership to better the levels of cybersecurity and to strengthen the research and development of workforce development, education, and cybersecurity.

Federal Exchange Data Breach Notification Act [2015]

This law was signed in 2015. It states that each individual whose private data is accessed and acquired due to a security breach of any system maintained by the exchange should be notified by a health insurance exchange. This notification should be sanctioned at the earliest and not later than 60 days after the breach is detected.

Federal Trade Commission Act (FTC) [1914]

The Federal Trade Commission Act or FTC was signed in 1914. It regulates unfair and dishonest commercialization practices and the law is enforced against such companies.

Electronic Communications Privacy Act (ECPA) [1986]

Electronic Communications Privacy Act of 1986 protects the protection of communication mediums i.e. oral, electronic, or wire, from unauthorized usage, access, interception, or disclosure.

Computer Fraud & Abuse Act (CFAA) [1986] 

The Computer Fraud and Abuse Act or CFAA regulates the illegal activities related to computers and the internet. These activities also include the illegal possession of a computer.

Children’s Online Privacy Protection Act (COPPA) [1998]

This act was signed in 1998 and requires online websites and service providers to take parental consent before collecting, using, and/or releasing data from children under the age of 13 years.

Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) [2003] 

This law controls the spread of unlicensed emails and forbids false header information and bans misleading subject lines. It also requires that unsolicited marketing emails be painted as advertising and offer the choice to unsubscribe such email threads to the recipients.

Conclusion

We have emphasized the laws and regulations relating to cybersecurity in this article. The main purpose is to spread awareness and educate the masses about the protection they deserve. We hope to have induced a sense of security within you.

Stay safe!