epic.org informs today that three data breach laws moved forward in the Senate, after a favorable vote in the Senate Judiciary Committee.
This is great news for the data protection “legal universe”. Nevertheless, there is a long way until such bills will actually be enforced… But one can keep her fingers crossed.
These are three proposals:
1) S. 1408: Data Breach Notification Act of 2011
A bill to require Federal agencies, and persons engaged in interstate commerce, in possession of data containing sensitive personally identifiable information, to disclose any breach of such information.
2) S. 1535: Personal Data Protection and Breach Accountability Act of 2011
A bill to protect consumers by mitigating the vulnerability of personally identifiable information to theft through a security breach, providing notice and remedies to consumers in the wake of such a breach, holding companies accountable for preventable breaches, facilitating the sharing of post-breach technical information between companies, and enhancing criminal and civil penalties and other protections against the unauthorized collection or use of personally identifiable information.
3) S. 1151: Personal Data Privacy and Security Act of 2011
A bill to prevent and mitigate identity theft, to ensure privacy, to provide notice of security breaches, and to enhance criminal penalties, law enforcement assistance, and other protections against security breaches, fraudulent access, and misuse of personally identifiable information.