Sen. Leahy Reintroduces Data Privacy Act15 Jan, 2014 By: Doug McPherson
WASHINGTON – Sen. Patrick Leahy (D-VT) has reintroduced a revamped version of the Personal Data Privacy Security Act that he originally authored in 2005, prompted by the data breach at Target stores during the holidays.
In a statement last week, Leahy said the breach that involved the debit and credit card data of as many as 70 million customers “is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our nation.”
He added that when he first introduced this bill nine years ago, “I had high hopes of bringing urgently needed data privacy reforms to the American people.”
Leahy called the bill comprehensive and that it addresses notifying Americans of data breaches and lax security and accountability to help prevent data breaches.
Specifics in the bill include:
- Severe criminal penalties for those who intentionally or willfully conceal a security breach causing economic damage to consumers
- A requirement that companies maintain and implement internal policies to protect data privacy and security
- An update of the Computer Fraud and Abuse Act to make attempted computer hacking and conspiracy to commit computer hacking punishable under the same criminal penalties as the underlying offense
Leahy said he consulted with the Federal Trade Commission (FTC) and the Departments of Justice and Homeland Security in the bill’s redrafting.
Leahy has reintroduced the bill in each of the last four Congresses.