Today, in honor of Data Privacy Day, U.S. Representatives Bobby L. Rush (D-Ill.) and Joe Barton (R-Texas) reintroduced the Data Accountability and Trust Act (DATA) along with U.S. Reps. Dan Lipinski (D-Ill.), David Cicilline (D-R.I.) and Jerry McNerney (D-Calif.). This bill, H.R. 580, is substantially similar to a bill that was first introduced in the 110th Congress and passed the full House in the 111th Congress but was not considered by the Senate.
Today, in honor of Data Privacy Day, U.S. Representatives Bobby L. Rush (D-Ill.) and Joe Barton (R-Texas) reintroduced the Data Accountability and Trust Act (DATA) along with U.S. Reps. Dan Lipinski (D-Ill.), David Cicilline (D-R.I.) and Jerry McNerney (D-Calif.). This bill, H.R. 580, is substantially similar to a bill that was first introduced in the 110th Congress and passed the full House in the 111th Congress but was not considered by the Senate.
The DATA Act requires commercial entities that own or possess any personal information of consumers to implement effective information security policies and procedures to safeguard that information. Additional provisions in the law would require these entities to notify individual consumers, as well as the Federal Trade Commission, following consumer data breaches and when personal information is accessed or acquired by unauthorized persons.
Personal information is defined as an individual’s first name or initial and last name, or address, or phone number in combination with (i) a social security number; (ii) driver’s license, passport, military ID number or similar government document number; or (iii) a financial account number, credit or debit card number and any required security or access code or password for an individual’s financial account.
Recent, massive data breaches and cybercriminal attacks on firms and commercial networks and databases have enormously impacted consumers, consumer confidence and the economy. U.S. Rep. Fred Upton (R-Mich.), Chairman of the Energy & Commerce Committee, recently announced that there would be a series of hearings throughout the coming year to examine these numerous and increasing threats. The Energy & Commerce Committee — of which Rep. Rush is a senior member and Rep. Barton is Chairman Emeritus — is the House committee with primary jurisdiction over interstate commerce, consumer protection and trade matters.
The Committee is also primarily responsible for authorizing and overseeing the activities of the Federal Trade Commission. Under the DATA Act, the Commission would be authorized to adopt regulations that spell out appropriate information, security policies and procedures and to take enforcement actions and assess civil penalties up to $5 million for violations of, either the law’s information security policy and procedure or its breach notification requirements, along with state attorneys general against violators under the law.
In the spirit of Data Privacy Day, which is observed globally on January 28th, Reps. Rush and Barton will host a briefing on Capitol Hill on February 6, 2015. This briefing will be yet another avenue to shine a light on the realities of data breaches and the need to properly secure our networks and the personal information of others.
