|
Congress has introduced and debated at least 10 bills related to protecting consumers from security breaches and identity theft this session. And some, such as the Data Accountability and Trust Act introduced by Representative Cliff Stearns (R-FL), a long time champion of privacy legislation, have passed out of Committee. However, with only a handful of days remaining in the legislative session before the House and Senate adjourn for the campaign period, action on any of the data protection bills is unlikely.
A recent FoxNews article noted, “Barring any major incident in the next couple of weeks (there are only 15 days left on the legislative calendar before members of Congress leave town to campaign for the upcoming election), there will likely be no movement on Capitol Hill to fully advance data security legislation.”
Despite inaction this session, interest in the issue remains high and there are signs that it will remain a legislative priority in the new Congress next year. If the new Congress does act, a key issue will be how any legislation that is passed supersedes existing state legislation.
Legislative overview
Two pieces of legislation remain the most likely models for future legislation. They include:
Data Privacy and Security Act of 2005 (S. 1789) – This bill, sponsored by Judiciary Committee Chair Arlen Specter (R-PA), Ranking Democrat Senator Pat Leahy (D-VT), and Senator Feingold (D- WI), passed with strong support of the committee by a 13- 5 vote. It requires companies to provide notice of security breaches of “sensitive personal information”, enhances criminal penalties, and calls for protections against security breaches, fraudulent access, and misuse of personally identifiable information. However, “sensitive personal information” is defined to include a person’s name in conjunction with his/her home address or telephone number, and month, day and year of birth, information that is commonly collected by many companies.
Data Accountability and Trust Act (DATA) (H.R. 4127) – The House Energy and Commerce Committee unanimously passed this bill introduced by Chairman Stearns (R-FL) and Rep. Pryce (R-OH). The bill would not have a significant impact on most Kids in the Know members, primarily because it limits its definition of “security breach” to the loss or theft of data when “there is a significant risk of identity theft to the individual.” In addition, "personal information" is defined as name plus social security number, driver’s license number, or financial account or credit card number.
We will continue to monitor the legislation both in Congress and in the state legislatures and keep you informed on future relevant actions.
For more information about the issues outlined in this update – or for information
about other Kids in the Know’s activities – send an e-mail to info@kidsintheknow.org.
|
|
|
