Lege Trend: Federal Data Breach Legislation

Last week Congressmen Barton (R-TX) and Rush (D-IL) filed data breach notification legislation. Feds want to protect personal, private information and the states are quickly passing bills that further protect their citizens. 

What you need to know about the federal bills:

• Act Name: Data Accountability and Trust Act (DATA Act)
• Bill Number: HR 580
• Senators Feinstein, Pryor, Rockefeller, and Nelson filed similar, but not identical bill:
  • Data Security and Breach Notification Act 
  • SR 177
• What do HR 580 & SR 177 seek to accomplish?
  • Nationwide data security standard
  • Backed by FTC enforcement & State Attorney Generals and civil penalties
    • Penalties up to $5M per violation
  • Require notification to the FTC & to affected individuals in the event of a data breach
  • Define “personal information” to include:
    • an individual’s name in connection with :
      • (1) a Social Security number
      • (2) a driver’s license, passport, or other government-issued identification number, or
      • (3) a financial account or credit or debit card number in combination with a security code or password that would permit access to an individual’s financial account. 
  • Businesses would be required to have information security procedures and policies to safeguard information.  

National Law Review