Data Breach Bill Introduced
Would preempt 46 state data breach laws in favor of FTC-enforced national standard
By John Eggerton -- Broadcasting & Cable, 6/22/2012 5:33:52 PMposted by the Hill Friday requires covered entities, like ISPs, to take "reasonable measures" to protect information and to report breaches to covered entities transmitting, routing or providing storage of such data, so long as they can be "reasonably identified, as well as informing law enforcement."
Notice of a breach can be delayed by written request of a law enforcement agency -- rather than, say, requiring a court order -- if to reveal it impedes a civil or criminal investigation. It can also be delayed for reasons of national security.
A violation of the national standard will be considered an unfair and deceptive practice in violation of the Federal Trade Commission Act, with a maximum civil penalty of $500,000 for all violations related to the same omission.
Original co-sponsors, all Republicans, are Sens. Roy Blunt (R-Mo.), Jim DeMint (R-S.C.), Dean Heller (R-Nev.) and Olympia Snowe (R-Maine).
"Senator Toomey's data security legislation is a significant step towards modernizing data-security rules for the Internet age," said Verizon in a statement. "It appropriately imposes the same rules for all companies in the Internet ecosystem, and simplifies data security by providing consumers with a single stop at the FTC for data security issues. No matter how consumers provided their data -- using an app, visiting a website, using a network, or running software -- they want one place to go when there are concerns about whether their information is safe and secure."
No related content found.
Most Popular Pages
No Top Articles