Page 281 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 281
The Privacy Act of 1974 applies only to government
agencies. Many people misunderstand this law and believe that it
applies to how companies and other organizations handle sensitive
personal information, but that is not the case.
Electronic Communications Privacy Act of 1986 The Electronic
Communications Privacy Act (ECPA) makes it a crime to invade the
electronic privacy of an individual. This act broadened the Federal
Wiretap Act, which previously covered communications traveling via a
physical wire, to apply to any illegal interception of electronic
communications or to the intentional, unauthorized access of
electronically stored data. It prohibits the interception or disclosure of
electronic communication and defines those situations in which
disclosure is legal. It protects against the monitoring of email and
voicemail communications and prevents providers of those services
from making unauthorized disclosures of their content.
One of the most notable provisions of the ECPA is that it makes it
illegal to monitor mobile telephone conversations. In fact, such
monitoring is punishable by a fine of up to $500 and a prison term of
up to five years.
Communications Assistance for Law Enforcement Act
(CALEA) of 1994 The Communications Assistance for Law
Enforcement Act (CALEA) of 1994 amended the Electronic
Communications Privacy Act of 1986. CALEA requires all
communications carriers to make wiretaps possible for law
enforcement with an appropriate court order, regardless of the
technology in use.
Economic Espionage Act of 1996 The Economic Espionage Act of
1996 extends the definition of property to include proprietary
economic information so that the theft of this information can be
considered industrial or corporate espionage. This changed the legal
definition of theft so that it was no longer restricted by physical
constraints.
Health Insurance Portability and Accountability Act of 1996
