In the wake of the massive data breaches that put millions of customers at Target, Neiman Marcus, and other retailers in harm's way, senators in Congress has revived efforts to create federal standards for companies to safeguard consumer data. The Data Security and Breach Notification Act, drafted by Senator Dianne Feinstein (D-CA) and four other senior Democratic senators, will, they hope, make companies more accountable to their customers should their personal information fall into hackers' hands. It's at least the sixth bill of its kind to be proposed by Congressional leaders.
"Members of Congress must come together to pass this common-sense plan."
The new bill, announced this week, is an attempt to consolidate the patchwork of laws across most states that require companies to alert their customers when personal data has been compromised — something Senator Feinstein and her co-signers see as a growing problem. "The breaches are getting more frequent," writes Feinstein, "and members of Congress—of both parties and across different congressional committees—must come together to pass this common-sense plan to protect the American consumer." This proposed bill would give the FTC the power to set standards for all states. It would also create a two-pronged enforcement regime combining the power of the FTC and state Attorney Generals to ensure that businesses comply with the regulations.
News of the bill comes only weeks after California enacted a stricter update to its own data breach law, expanding the definition of personal data to include usernames, passwords, and security questions and answers. However, whether or not this bill will become law is up in the air. Several versions of the Data Security and Breach Notification Act have been drawn up since President Obama took office — and most have died in committee since then.