Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) reintroduced legislation to protect the personal information of Americans and ensure their privacy. Leahy also announced that the issue of data privacy would be the subject of a committee hearing early in the new Senate session, according to a press release.
Leahy first authored and sponsored the Personal Data Privacy and Security Act in 2005, and he has reintroduced the legislation in each of the last four Congresses.
According to the release, “The bill would establish a national standard for data breach notification, and require American businesses that collect and store consumers’ sensitive personal information to safeguard that information from cyber threats. Leahy’s bill introduction on Wednesday comes just weeks after the department store chain, Target, suffered a major data security breach involving 40 million credit and debit cards used to pay for purchases at its stores during the busy holiday buying season.”
Key bill provisions include:
- Tough criminal penalties for individuals who intentionally or willfully conceal a security breach involving personal data when the breach causes economic damage to consumers;
- A requirement that companies that maintain personal data establish and implement internal policies to protect data privacy and security; and
- An update to the Computer Fraud and Abuse Act to make attempted computer hacking and conspiracy to commit computer hacking punishable under the same criminal penalties as the underlying offense.