Rietta
Rietta.com Security
You are reading The Rietta Blog, a publication about the web since 2005.

Stop Thinking About GA SB 315 in Terms of "Digital Homes"

Comments

Throughout the public debate over Georgia SB 315, a bad analogy has been repeated by others that a public business or institution’s website server is like an online home. And, because nobody lets strangers just walk into their own home, Georgia should set the expectation that no one, criminal or ethical, should be allowed to come into an organization’s digital “home” without permission. But this analogy does not match reality!

The cybersecurity research that is outlawed by SB 315 is not about digital homes, but about digital public places of business and institutions on the public Internet. A better analogy is a physical security expert is visiting an office open to the public during normal business hours and sees a public safety problem that puts all customers at risk. Such an expert should be able, without fear of prosecution, to freely bring the problem to the attention of management or whoever can fix the issue.

Recent history is full of stories about companies and government institutions who were quietly warned about major security problems and yet did nothing about the problems until after it became publicly known, or worse, there was a major breach of private customer data.

As an individual, if I forgot to lock the door at my home, my family and I may be robbed. When an organization with a massive database of customer private data forgets to lock its digital doors, millions of people are put at imminent risk of loss of privacy, risk of identity theft, or worse.

I have urged Georgia Governor Nathan Deal to VETO SB 315 and recently met with his office to discuss these issues in person. He has until Tuesday, May 8th, 2018, to sign, veto or to let it pass into law without his signature.

Contact the Governor Nathan Deal

Join me by e-mailing and calling Governor Deal and tell him that Georgia cannot afford bad cybercrime policy in its State law. SB 315 is not the way to protect our citizens from the theft of massive databases of the personal private information of millions of people. Ask the Governor to VETO SB 315 and tell the General Assembly to revisit the subject in consultation with the $4.7 billion dollar cybersecurity community that employs tens of thousands of people in Georgia.

About Frank Rietta

Frank Rietta's photo

Frank Rietta is a web application security architect, author, and speaker. He is a computer scientist with a Masters in Information Security from the College of Computing at the Georgia Institute of Technology. He speaks about security topics and was a contributor to the security chapter of the 7th edition of the "Fundamentals of Database Systems" textbook published by Addison-Wesley.

Comments