Loading ...
Sorry, an error occurred while loading the content.

ISPLA ALERT New BILL-S 1151 Personal Data Privacy and Security Act of 2011

Expand Messages
  • Peter Psarouthakis
    S. 1151, the Personal Data Privacy and Security Act of 2011, has finally been introduced by Senator Patrick J. Leahy [D-VT]. It is cosponsored by Senators
    Message 1 of 1 , Jun 8, 2011
    • 0 Attachment
      S. 1151, the Personal Data Privacy and Security Act of 2011, has finally
      been introduced by Senator Patrick J. Leahy [D-VT]. It is cosponsored by
      Senators Benjamin L. Cardin [D-MD], Al Franken [D-MN] and Charles E. Schumer
      [D-NY]. Described as a bill to prevent and mitigate identity theft, ensure
      privacy, provide notice of security breaches, and to enhance criminal
      penalties, law enforcement assistance, and other protections against
      security breaches, fraudulent access, and misuse of personally identifiable
      information, it has been referred to the Committee on the Judiciary. The
      sponsor chairs that committee.

      Now, with the recent Lockheed Martin U. S. Government breaches and the Sony,
      Epsilon, Google hackings there is a strong chance that Congress will pass
      some type of legislation to ensure that consumers are notified when their
      personal sensitive information has been exposed, and that they are allowed
      an opportunity to correct inaccurate information that may be collected about
      them. "When I first introduced this bill six years ago, I had high hopes of
      bringing urgently needed data privacy reforms to the American people" said
      the sponsor. Although the Judiciary Committee favorably reported this bill
      three times--in 2005, 2007, and again in 2009--the legislation languished on
      the Senate calendar.

      As previously reported by ISPLA sponsors of similar legislation have been
      quoting statistics of the Privacy Rights Clearinghouse stating ". more than
      533 million records have been involved in data security breaches since
      2005." In his remarks on the Senate floor Senator Leahy referred to the
      recent breaches as a "ticking bomb.''

      The Personal Data Privacy and Security Act not only requires that data
      brokers let consumers know what sensitive personal information they have
      about them and to allow individuals to correct inaccurate information, it
      also requires that companies that have databases with sensitive personal
      information on Americans establish and implement data privacy and security
      programs. It calls for a single nationwide standard for data breach
      notification when sensitive personal information has been compromised.

      The bill also provides for tough criminal penalties for anyone who would
      intentionally and willfully conceal the fact that a data breach has occurred
      when the breach causes economic damage to consumers. It includes the Obama
      administration's recent proposal to update the Computer Fraud and Abuse Act,
      so that attempted computer hacking and conspiracy to commit computer hacking
      offenses are subject to the same criminal penalties, as the underlying
      offense.

      Finally, according to the Senator, his bill "addresses the important issue
      of the Government's use of personal data by requiring that Federal agencies
      notify affected individuals when Government data breaches occur, and by
      placing privacy and security front and center when Federal agencies evaluate
      whether data brokers can be trusted with Government contracts that involve
      sensitive information about the American people."

      The portion of this legislation dealing with information brokers and
      defining such activity would most likely apply to very few of our members.
      Here to this bill refers to a data broker as an entity that ". regularly
      engages in the practice of collecting, transmitting, or providing access to
      sensitive personally identifiable information on more than 5,000
      individuals..." Furthermore, under the section dealing with transparency
      and accuracy of data collection, the section does not apply to those
      services compliant with the FCRA or GLBA.

      This bill does not directly affect most investigators on what information
      they gather on the subjects of their inquiry nor will they have to allow the
      consumer access to or an opportunity to "correct" information contained in
      reports which do not fall under the FCRA.

      This is a bill that imposes restrictions on how the private sector and
      government will handle their data privacy and security programs. ISPLA, as
      well as likeminded stakeholders, will be carefully reviewing its provisions
      line by line and being watchful of any amendments.

      Bruce Hulme, ISPLA Director of Government Affairs

      For further information about our lobbying efforts please visit:

      www.ISPLA.org <http://www.ispla.org/>



      [Non-text portions of this message have been removed]
    Your message has been successfully submitted and would be delivered to recipients shortly.