Sen. Patrick Leahy (D-VT), Chairman of the Senate Judiciary Committee, re-introduced a bill that would establish a national standard for the notification to consumers by corporations when data breaches occur.
Sen. Chuck Schumer (D-NY) and Sen. Ben Cardin (D-MD) cosponsored the Personal Data Privacy and Security Act, a reiteration of bills by the same name that have failed in each of the three previous Congresses.
“The many recent and troubling data breaches in the private sector and in our government are clear evidence that developing a comprehensive national strategy to protect data privacy and security is one of the most challenging and important issues facing our country,” said Leahy through a statement. “Protecting privacy rights is of critical importance to all of us”
The bill would criminalize concealing data breaches that could result in economic damages to consumers and increase penalties under the Computer Fraud and Abuse Act. The bills also makes hacking or attempting to hack a computer a criminal offense and private firms would be required to establish and maintain data privacy and security protocols.
The government would be required under the new measure to ensure the security of sensitive data is protected when it works with outside contractors. The General Services Administration would also be required to evaluate how contractors use and protect consumer data when authorizing contractors.