Davis reintroduces federal breach-reporting act to House

Rep. Tom Davis, R-Va., reintroduced the Federal Agency Data Breach Protection Act today. The bill would require that victims of federal data breaches be notified in a timely manner and would mandate that agencies have practices and standards in place to do so.

The bill was originally introduced on Sept. 26, 2006, in the previous session of Congress, but the Senate never acted on it.

The legislation was devised following the theft last year of a Department of Veterans Affairs laptop, which contained the personal information of some 26 million veterans.

Tim Bennett, the newly appointed president of the Cyber Security Industry Alliance, said in a statement today that he was pleased the bill was reintroduced and that he hopes this will clear the way for a national breach notification law.

Such an outcome seems inevitable.

Meanwhile, two national breach alert bills were approved by the Senate Judiciary Committee, although they differ in what threshold would require reporting to authorities and customers.

The Personal Data Privacy and Security Act of 2007 requires companies to report if the lost or stolen data poses "significant" risk to customers, while the Notification of Risk to Personal Data Act of 2007, introduced by Sen. Dianne Feinstein, D-Calif., names "reasonable risk" of harm as the threshold, according to a report in the Washington Post.

The former bill, sponsored by Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., and Sen. Arlen Specter, R-Pa., also requires data brokers to inform the public about what information they have on file about them – and then let these individuals correct any mistakes.
