WASHINGTON, June 16, 2011 – Just days after Senate email accounts were hacked, the House Subcommittee on Commerce, Manufacturing and Trade held a hearing Wednesday to discuss a draft bill that would require companies to minimize the amount of data collected from consumers and notify them within two days of a data breach.
Subcommittee members met with witnesses to clarify the ambiguous language of a discussion draft of Subcommittee Chairman Rep. Mary Bono Mack’s (R-CA) Secure and Fortify (SAFE) Data Act. The measure addresses the increasing threat of data theft, in the wake of high-profile cyber attacks on Sony, Epsilon, Lockheed-Martin and other U.S. companies.
The SAFE Data Act, is based on the language of the Data Accountability and Trust (DATA) Act , according to an internal committee memorandum.
Members reiterated key revisions within the SAFE Data Act throughout the hearing. In the new legislation, companies would be required to notify law enforcement authorities and consumers within 48 hours of the breach. The bill would also include a provision, also known as ‘data minimization,” for companies to reduce the amount of less sensitive information collected from consumers.
Rep. Henry Waxman (D-CA), in his opening remarks, while worried that the proposed legislation favors the protection of businesses over consumers, lauded the provision on ‘data minimization’ as ‘potentially valuable.’
“It’s time for us to declare war on identity theft and online fraud,” said Bono Mack in her opening statement, echoing a bipartisan call from members and witnesses for the drafting of a muscular national data breach notification law.
“E-commerce is a vital and growing part of our economy. We should take steps to embrace and protect it – and that starts with a robust cyber security.”
Edith Ramirez, Commissioner at the Federal Trade Commission, emphasized the need to notify consumers of a data breach “as soon as practicable.”
Ramirez also requested that the bill require the FTC to be notified at the same time as law enforcement agencies and that the agency should be granted the authority to sue non-profit entities for data security violations.
“The FTC promotes data security through law enforcement, consumer and business education, and policy initiatives.," said a statement issued by the agency. "Since 2001, the agency has brought 34 cases charging business to protect consumers’ personal information.”
The proposed legislation would also preempt the data breach notification laws already in place in 47 states in order to create national legal consistency. The provision responds to a pronounced frustration by private companies over the confusing labyrinth of state data breach notification laws
Marc Rottenberg, Executive Director of Electronic Privacy Information Center, however, cautioned members to take into consideration stronger state data breach notification laws while drafting the new legislation so as not to override them with a weaker federal mandate.
Rottenberg also articulated concerns that the draft’s current definition of ‘Personal Information’ was too narrow.
“The bill seems to suggest that a social security number would not be personally identifiable if it is possessed without a associated person’s name,” said Rottenberg.
“The bill also ignores other popular identifiers, such as a user ID for Facebook, which points as readily to a unique individual as would a driver’s license or a social security number.”
House members are energized to move quickly due to growing numbers of sophisticated cyber attacks and increased consumer reliance upon cloud computing. A senior advisor, in response to an email query, said that Congresswoman is looking to incorporate into her legislation some of the ideas raised by other members at the hearing.
According to a senior advisor speaking on condition of anonymity in Bono Mack's office, the representative expects to have a bill up before the full House within a month.
The congresswoman reiterated in comments after the hearing her intent on having a full committee markup of the bill before the August recess.
“It is my intent with [Rep. G.K. Butterfield (D-NC)] is that there is a bipartisan bill that moves through the Senate,” said Bono Mack. “Maybe [the recent Senate attacks] will give them a bit of an incentive over there.”
- Mobile Technology Aided the Growth of Black Lives Matter, But Will Hashtag Outrage Lead to Change?
- TikTok Ban Delayed as Wal-Mart Enters, FCC Says California Not Prepared for Auction, Wireless Facilities in Rights-of-Way
- Breakfast Media Minute: September 21, 2020
- At Rural Broadband Association NTCA, Pai Touts Improvements to Rural Broadband Auctions
- Democrats Lash at FCC Chairman Ajit Pai For Repealing Net Neutrality, Not Producing Broadband Maps
Signup for Broadband Breakfast
Fiber4 months ago
Fiber Networks Hold a Cybersecurity Advantage Over Rival Co-Axial and Wireless Technologies, Say Panelists
Congress4 months ago
Senators Introduce Healthcare Broadband Bill as House Companion, Proposes $2 Billion Telehealth Expansion
Artificial Intelligence3 months ago
Brookings Panelists Emphasize Importance of Addressing Biases in Artificial Intelligence Technology
China5 months ago
China Expert Predicts that Nation’s Flawed Coronavirus Response Will Damage the Power of Chinese Communist Party
Infrastructure6 months ago
Broadband Breakfast Live Online Will Stream Every Wednesday at 12 Noon ET on ‘Broadband and the Coronavirus’
Education6 months ago
Online Elementary Education is No Spring Break for Parents Teaching from Home
Artificial Intelligence3 months ago
U.S. State Department Employing Artificial Intelligence Against COVID-19 Misinformation
Rural5 months ago
Why the Rural Digital Opportunity Fund is So Significant, and How to Succeed in Applying For RDOF