Congress has been reviewing draft legislation requiring organizations to take greater care with the security of the personal data of their customers, and to offer faster disclosure should a data breach occur.
U.S. Representative Mary Bono Mack has circulated draft legislation of a bill for discussion on this topic after having held several hearings in order to reprimand Sony Corp. for taking so long to inform their customers about data lost during an attack to their PlayStation network.
Moreover, the proposed bill would include a regulation for businesses to start to delete the personal data of their current and former customers once there is no longer a need for it. This will help to minimize the risk of theft of that information should there be a data attack.
The proposed legislation would have companies contact law enforcement inside 48 hours of a data breach. Should any personal data be lost that could be used for identity theft, the Federal Trade Commission must also be notified within 48 hours, and the company must start to notify the individuals whose information may have been taken.
Bono Mack said that “E-commerce is a vital and growing part of our economy. We should take steps to embrace and protect it – and that starts with robust cyber security.” She is currently the chair of the Commerce, Manufacturing and Trade subcommittee of the House.
On the other hand, Harry Reid, Senator Majority leader, has taken similar action in the Senate by requesting that four Senate committees develop a comprehensive bill on cyber-security that he hopes will come to the Senate floor by the end of the summer.