RSS Archive Contact Us Advertise

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > House Slated To Pass Data Breach Bill
Search:
[ insider_reports_insider ]

House Slated To Pass Data Breach Bill



John Stith
Staff Writer
2006-03-16

SecurityProNews: Insider Reports Insider Reports RSS Feed


The Financial Data and Protection Act of 2005 (HB3997) currently in the House of Representatives has some problems. The bill, supposedly meant to offer relief for consumers who've been victims of data breaches, is really very weak, particularly compared states laws like California's version. In fact, some may say it offers consumers even less protection than they have now.

Washington Considers Breach Bill
Washington Considers Data Breach Bill

While the majority of identity fraud doesn't occur through these types of breaches, if criminals ever figured out what they have, it would get very bad. Privacy advocates have real problems with this bill, calling it "easily the worst data breach bill ever."

Ed Mierzwinksi, Program Direct for the U.S. Public Interest Research Group (PIRG) discussed the bill on his blog. His words were none to kind to this legislation. One of his beefs is how the bill deals with stronger state legislation, namely preempting it. Freeze laws for example "give consumers real control over access to their credit report that no other identity theft prevention action provides them with." This bill only offers the freeze to victims after the damage has been done.

The Privacy Rights Clearinghouse rails against the bill. They've put together a list of problems with the bill based on a letter sent around by US PIRG :

-- establish a trigger for data breach notification that experts believe would result in no notices to consumers, because the standard is too high. We only know about the 100 breaches that have occurred since Choicepoint because of the strong California trigger.

-- Establish a weak, but preemptive security freeze that only applies to victims. You've already been shot, so they give you but no one else a bulletproof vest.

-- Establish a process to begin to undercut the privacy protections of the federal Gramm Leach Bliley Act while simultaneously permanently preempting all state activities on financial privacy.

-- Fail to even lightly regulate the activities of data brokers like ChoicePoint, the unregulated company that sold 163,000 dossiers to identity thieves (other than to subject them to the same weak data security rules that shoe stores would be subject to under HR 3997).

-- Expressly disallow state Attorneys General from protecting their citizens from privacy invasions.

-- Fail to assist non-English speaking individuals who have difficulty gaining access to their credit report. The inability of Latinos and other immigrants to access their credit report in languages they can understand means that they will be unable to file complaints and fraud alerts, and monitor their credit report for identity theft purposes.

Perhaps the biggest problem for consumers is the severe limiting of liability for the financial institutions if said institutions provide six months of free credit monitoring. Consumers won't be able to pursue litigation against these companies though, in some case, identity fraud may not be detectable for years after the fact.

The legislation, as a whole, needs to be much stronger in order to force various organizations and institutions to be more careful with consumer data. While most of the new rules and regulations are left to be worked out by the appropriate financial bureaucrats, namely the Secretary of the Treasury and the Fed Board of Governors, one can't help but wonder if they will even try to provide effective law.

Penalties for these data breaches need to be swift and harsh, with severe financial penalties for these companies. There need to be solid rules in place for maintaining appropriate date security including high-end encryption to protect the data. One's financial worries should not be tied leaving a compact disc on an airplane.

With literally millions of individuals compromised in 2005, carelessness is the rule of the day here. These organizations and institutions need to realize major financial loss for their lackadaisical approach to protecting their consumers. That's the only way for some organizations to comprehend the seriousness of this problem. This bill, if made into law, simply won't do it. It let's organizations off the hook and still makes for a very miserable experience by the consumer, who, many cases, won't even have a course of legal action against the financial institution.

Tag:

Get all the updates - click this link:

Add to | DiggThis| Yahoo My Web




About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2008 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds