Congress working on new data security law

Most security professionals want the federal government to pass a data security law. But will it ever happen?

As more states pass laws requiring companies to protect certain data and notify affected parties in the event of a data breach, some federal lawmakers have been trying to get in the game. And the folks who work in data security support it — 70% of security favor federal legislation, according to a recent survey by security audit software maker nCircle.

But the problem: Lawmakers trying to push such laws face a lot of opposition, both inside Congress and out. Several bills have been proposed but got nowhere.

The latest version, the so-called Boucher Bill, was drafted by several congressmen from both parties and deals with companies that gather and store information about consumers online. It sets limits on companies’ ability to collect personal information from individuals without their consent.

The bill’s gotten plenty of opposition, from several angles. Some examples:

  • The Direct Marketing Association is upset over the requirement that companies get consent before collecting marketing information on consumers.
  • The Progress and Freedom Association, an industry trade group, claimed that the bill would be the death of the “free” Internet.
  • The Electronic Privacy Information Center declared that the law doesn’t do anything but maintain the unsatisfactory status quo.
  • Consumer Action is complaining that the privacy provisions of the law are actually far weaker than those already in place for some states, and that the law would limit liability in cases where critical personal information leaks out and harms a consumer.

Will the bill ever pass? Maybe, but it will likely change significantly first. For now, make sure you keep track of the laws in your state.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy