Wednesday, Sens. Tom Carper (D-DE) and Roy Blunt (R-MO) introduced the Data Security Act of 2014, which would help better protect consumers from identity theft and account fraud and would establish clear and consistent rules of the road nationally for public and private institutions to follow to prevent and respond to data breaches.
The bill would require entities such as financial institutions, retailers, and federal agencies to better safeguard sensitive information, investigate security breaches, and notify consumers when there is a substantial risk of identity theft or account fraud. These new requirements would apply to businesses that take credit or debit card information, data brokers that compile private information, and government agencies that possess nonpublic personal information.
The Data Security Act would better protect consumers by replacing the current patchwork of state laws and establishing one set of national standards. Today, 49 states and U.S. territories have enacted laws governing data security and data breach notification standards. Inconsistent and conflicting state-by-state standards force public and private entities to comply with multiple regulations, leaving many consumers in a confusing web of regulation depending on the state. This legislation would provide clarity and certainty to all parties involved.
Click here to read the complete press release.