Two lawmakers reintroduce legislation that would offer bill of rights to protect consumers from breaches.
Two lawmakers reintroduce legislation that would offer bill of rights to protect consumers from breaches.

Sen. Robert Menendez, D-NJ, and Rep. Albio Sires, D-NJ, made a push Friday for the reintroduction of legislation that would protect both consumers and retailers from data breaches in front of a Jersey City Home Depot, the home improvement chain that fell victim to a breach in 2014.

The two, who originally penned legislation in the wake of the Target breach, plan on putting the Commercial Privacy Bill of Rights back into play after a seemingly endless series of attacks has felled one business after another and left sensitive information about consumers exposed and used in fraudulent schemes. In the aftermath of the Target breach, Menendez asked Federal Trade Commission (FTC) Chairwoman Edith Ramirez if the FTC needed greater authority to go after hold retailers for not protecting sensitive consumer data. 

In response, Ramirez, whose agency has aggressively pursued companies for falling short on protecting consumers, beseeched Congress to pass data security legislation granting the FTC with civil penalty authority. The commission is also urging Congress to specify a general federal breach notification requirement.

Noting that as Americans rely more heavily on technology safeguards must be “in place to prevent the next cyber-attack” and protect private data, Menendez announced from outside Home Depot, according to a press release. 

“We need to give consumers the protections they deserve,” he said. “Further delay only leaves us all more vulnerable to identity thieves, cyber-snoops and cyber-terrorists.”

The Commercial Privacy Bill of Rights would protect individual privacy and data rights by limiting the type of information that could be collected and retention periods and give consumers participation and notice rights by requiring the FTC to issue opt out regulations so that consumers could nix the transfer of data covered in the bill to third parties.