Legislative and Regulatory Developments in Information Security

16 Dec
Tuesday, 12/16/2008 11:00am
Special Event

Mark MacCarthy
Georgetown University

Gunness Student Center Conference Room

This talk develops the argument that a role for government regulation of information security is warranted because of significant externalities in this market. The point is illustrated by an examination of the financial incentives established by the legal structure and private sector practice in the payment card industry. I discusss the range of legislative and regulatory responses to this externality. At the state level, I describe breach notification laws, cost recovery requirements and specific security mandates, noting the advantages and disadvantages of each approach. At the federal level, I discuss the actions taken by the Federal Trade Commission, and the legislative approaches developed over the two Congresses. I address the possibiity of changes at the FTC under the new Administration and the likelihood of passage of information security legislation in the new Congress. Finally, I report on changes in information security rules in other countries, including developments in the European Commission, the UK, Australia and Canada.

Bio: Mark MacCarthy is currently adjunct professor at Georgetown University's Communication, Culture, and Technology Program, where he teaches courses on the economics of network industries and public policy toward network industries. He is also an adjunct member of Georgetown University's Department of Philosophy where he teaches courses in the political philosophy. He does research and consults in the areas of information privacy and security, ecommerce and other technology policy issues. He is currently designated as the appointed expert of the American National Standards Institute on the International Organization For Standardization (ISO) Technical Management Board (TMB) Task Force On Privacy.

From 2000 to 2008, Mark MacCarthy was Senior Vice President for Global Public Policy at Visa Inc. He was responsible for global government relations strategies and initiatives affecting electronic commerce, technology policy, information security, privacy, risk management, credit, debit and prepaid payment cards and innovative products such as payWave and Visa's mobile telephone platform. He was also responsible for coordinating working relationships with consumer and privacy groups. He regularly represented Visa before the U.S. Congress, the U.S. Administration, the U.S. Federal Trade Commission, the U.S federal financial regulators and multi-governmental groups such as the OECD and APEC.

Mark MacCarthy has extensive experience in Washington DC public policy making and government affairs. Prior to joining Visa, Mr. MacCarthy spent six years as a principal and senior director with the Wexler-Walker Group, a Washington government affairs consulting firm, where he worked with a variety of clients on electronic commerce, financial services, privacy and telecommunications. He was Vice President in charge of Capital Cities/ABC's Washington office from 1988 to 1994, representing the company's interests before Congress, the Federal Communications Commission and other administrative agencies. From 1981 to 1988, he was a professional staff member on the U.S. House of Representative's Committee on Energy and Commerce, where he handled communications policy and other issues for the Chairman of the Committee, Representative John D. Dingell, Jr. (D-MI). From 1978 to 1981, Mr. MacCarthy worked as an economist performing regulatory analyses of safety and health regulations at the U.S. Occupational Safety and Health Administration.

Mr. MacCarthy has a Ph.D in philosophy from Indiana University and an MA in economics from the University of Notre Dame. He has published a number of articles on government regulation and information security. He has taught introduction to philosophy and political >philosophy at Notre Dame and philosophy of economics at Maryland University.