Spurred on by the holiday data breach at Target stores, Sen. Patrick Leahy (D-VT) today reintroduced a revamped version of the Personal Data Privacy Security Act that he originally authored in 2005. Leahy has reintroduced the bill in each of the last four Congresses. . . .The bill calls for: Severe criminal penalties for individuals who intentionally or willfully conceal a security breach causing economic damage to consumers; A requirement that companies maintain and implement internal policies to protect data privacy and security; and an update of the Computer Fraud and Abuse Act to make attempted computer hacking and conspiracy to commit computer hacking punishable under the same criminal penalties as the underlying offense.
DMA Editor’s Note: DMA generally supports the creation of a national breach notification standard, and has worked with members of the Judiciary Committee over the course of the past several years to refine proposed bills such that they succeed in the aim of addressing identity theft without adversely affecting the flow of information vital to our economy.