Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities Regulation

74 Pages Posted: 23 May 2006

See all articles by Andrea M. Matwyshyn

Andrea M. Matwyshyn

Penn State Law; Penn State Engineering; Stanford University - Stanford Law School Center for Internet and Society

Abstract

This article undertakes a normative and empirical legal inquiry into the manner information security vulnerabilities are being addressed through law and in the marketplace. Specifically, this article questions the current legislative paradigm for information security regulation by presenting a critique grounded in information security and cryptography theory. Consequently, this article advocates shifting our regulatory approach to a process-based security paradigm that focuses on improving security of our system as a whole.

Finally, this article argues that in order to accomplish this shift with least disruption to current legal and economic processes, expanding an existing set of well-functioning legal structures is preferable to crafting new legal structures. Securities disclosure law is already focused on regulating the most connected points in our economy, publicly traded entities. Public companies provide a good starting point for spreading better information security behaviors because of this connectedness; disclosure of public companies' information security behaviors will assist them in maximizing shareholder value and will assist regulators in finding the inadequately secure points in our economy.

Keywords: data information, security privacy, law securities

JEL Classification: k22, k39, k30, a14, l86, o32, o33, o34, o38, z10

Suggested Citation

Matwyshyn, Andrea M., Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities Regulation. Berkeley Business Law Journal, Vol. 3, p. 129, 2005. Available at SSRN: https://ssrn.com/abstract=903263

Andrea M. Matwyshyn (Contact Author)

Penn State Law ( email )

150 S College St
Carlisle, PA 17013
United States

Penn State Engineering ( email )

101 Hammond Building
University Park, PA 16802
United States

Stanford University - Stanford Law School Center for Internet and Society ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
515
Abstract Views
3,031
rank
54,369
PlumX Metrics