Heads up: Lawmakers are again pushing national data breach laws to put a bigger burden on companies to act after customer data is compromised. Here’s what’s in store this time around.
After several large data breaches involving companies like Epsilon, Citigroup and Sony, Representative Mary Bono Mack (R-Cal.) drafted a bill to protect both consumers and companies from e-commerce data breaches, The Hill reports.
The bill would require companies to inform the Federal Trade Commission (FTC) and their customers within 48 hours if any personal information has been stolen. The FTC will levy fines if companies fail to do so.
The bill does allow a few exceptions. For instance, companies won’t get fined if they have financial fraud preventions in place.
The bill has received a lot of attention, but before it becomes a law, lawmakers must weigh the controversial legislation’s pros and cons.
One big issue: Companies may fear handing over detailed information to consumers about their security failures. Full disclosure may damage a company’s reputation.
Also, critics claim that the bill doesn’t guarantee there won’t be any more security breaches.
Even if the bill passes, it may not turn out the way Mack wrote it. We’ll keep you posted as the bill winds its way through Congress.