Federal Data-Breach Bill Would Replace Dozens Of Stronger State Laws
by David Lazarus, Los Angeles Times
It’s called the Data Security and Breach Notification Act of 2015, and, if passed into law, it would be the first federal rule requiring businesses to let consumers know that their personal information may be in the hands of hackers.
Sounds good, right?
Dozens of states, including California, already have similar laws on the books that are stronger and more comprehensive than the proposed federal law. But the federal law would preempt all state laws.
The bill would eliminate existing data-breach protections for pay-TV and Internet customers. Right now, for example, people must be notified if there’s any unauthorized access to information on shows or channels watched.
The bill also would require notifications only in instances of financial harm, rather than the broader requirements of many states, such as violations of personal privacy in the form of hacked emails or corporate databases.
“California has some of the strongest laws in the country protecting consumers from identity theft,” said Emily Rusch, executive director of the California Public Interest Research Group. “The last thing Congress should be doing is tying the hands of states.”
The House Energy and Commerce Committee approved the bill last week. The 29-20 vote was along party lines, with Republicans advancing the legislation to the House floor.
Continue reading on the Los Angeles Times website » The Times limits free pageviews per month.