A bipartisan group of House commerce members are hoping to advance a data breach bill at a hearing to review the draft on Wednesday.
The Data Security and Breach Notification Act would replace 47 state data breach notification laws to set a national standard for how companies and organizations protect consumer data and notify consumers of a breach. Companies would be required to inform consumers within 30 days if their personal data, such as a social security or account number, may have been compromised.
An almost daily occurrence, data breaches hit an all time high last year: 784 per Identity Theft Resource Center, up nearly a third from the previous year. Since ITRC began tracking data breaches in 2005, more than 5,000 data breaches compromised more than 675 million records.
“Until today, Washington has been asleep at the switch while millions of Americans have had their personal information stolen by cyber criminals,” said Rep. Peter Welch (D-Vt.), who introduced the bill last week with Reps. Marsha Blackburn (R-Tenn.), Peter Welch (D-Vt.) and subcommittee chairman Michael Burgess (R-Tex.).
Despite a bipartisan introduction, the bill faced early criticism from House commerce ranking member Frank Pallone, Jr. (D-N.J.) and Rep. Jan. Schakowsky (D-Ill.), ranking member of the commerce, manufacturing and trade subcommittee, who said the bill could weaken consumer protections overall.
“We are disappointed with the draft…. Data breaches can create serious harm to consumers and businesses alike, and this bill does not provide solution,” Pallone and Schakowsky said in a statement.