Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.) teamed up to introduce the Data Security Act of 2014 on Wednesday, which would create consistent national rules for public and private institutions to follow to safeguard consumers’ sensitive information.
The bill would require entities, including financial institutions, retailers and federal agencies, to investigate security breaches and inform consumers when they are at risk of identity theft or fraud. If passed and signed into law, the bill would replace existing state laws with a set of national standards.
“These new requirements would apply to businesses that take credit or debit card information, data brokers that compile private information, and government agencies that possess nonpublic personal information,” said a press release issued by Carper’s office.
“Today, 49 states and U.S. territories have enacted laws governing data security and data breach notification standards. Inconsistent and conflicting state-by-state standards force public and private entities to comply with multiple regulations, leaving many consumers in a confusing web of regulation depending on the state,” said the release.
Carper said the Target and Neiman Marcus incidents show that data breaches are becoming more common.
Read more about the Target data breach:
- Target Confirms POS Malware
- PCI Standard Losing Ground: Data Security Exec
- Hensarling Rep Mum on Hearings
- Targeting Target: Alabama State Employees CU Files Suit
“For millions of Americans, data breaches can cause worry and confusion and, in some cases, serious financial harm. We cannot allow technology advances to outpace the security measures in place to safeguard the transactions we conduct in person and online,” said Carper, the chairman of the Homeland Security and Governmental Affairs Committee, in the release.
“This bipartisan and comprehensive approach would better serve consumers by ensuring that businesses and government agencies take the steps necessary to secure personal and financial information and respond swiftly and effectively in the unfortunate event of a breach.”
Blunt said new technologies pose new opportunities, which also bring new security challenges.
“As recent headlines have once again reminded us, now is the time to strengthen our nation’s data security and defend consumers against data breaches by both businesses and government agencies,” said Blunt in a release. “I’m glad to work with Senator Carper again as we continue our bipartisan effort to create consistent, national standards to better protect consumers and businesses from identity theft and account fraud.”
Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) recently reintroduced a separate data security bill called the Personal Data Privacy and Security Act in the wake of the Target breach.