Amidst this time of continuous, high-profile data breaches, lawmakers are scrambling to pass privacy legislation with teeth – the kind of bite that will really push companies to strengthen their data security measures and safeguard some customer data from even being collected or shared. At the recent data security and privacy hearing held by the Senate Commerce, Science and Transportation Committee, there appeared to be widespread agreement that national data breach laws are needed; the question is how to balance privacy regulations with the commercial interests of Internet businesses.
Three major bills currently circulating in the Senate attempt to address this delicate balance:
- The bipartisan Commercial Privacy Bill of Rights, led by Senators John Kerry and John McCain, would impose new restrictions on companies that collect personal data from consumers, including seeking permission from consumers before collecting and sharing sensitive religious, medical and financial data with third party entities.
- The Data Security and Breach Notification Act, led by Committee Chairman Jay Rockefeller and Mark Pryor, would require companies that own or collect sensitive customer data to undertake “reasonable” security measures to protect consumer privacy, alert customers within a set timeframe when their data has been breached, and entitle customers affected by a breach to two years of free credit monitoring or credit reporting services for two years.
- The Do-Not-Track Online Act, also led by Senator Rockefeller, would allow customers to block the ability of companies to track their online activity.
Which of these bills becomes law remains to be seen, and there is as yet no broad consensus for the details of privacy legislation. Nevertheless, the federal movement towards greater consumer protection should please ordinary consumers, who largely agreed in a recent poll that they should be able to opt out of Internet tracking from a single location. Consumer advocacy groups and even big technology companies have also expressed support for the legislative efforts, even if some business trade groups believe that the bills are overly restrictive.