So what’s the answer? Empowering consumers is a good place to start. My legislation, the Secure and Fortify Electronic Data Act, does that by establishing uniform national standards for data security and data breach notification.
The SAFE Data Act (H.R. 2577) builds on legislation passed by the House in 2009 but never acted on in the Senate. Most importantly, it reflects the changing landscape of data breaches and data security since that time and is crafted around a guiding principle: Consumers should be promptly informed if their personal information has been jeopardized.
First, my legislation requires companies and other entities that hold personal information to establish and maintain appropriate security policies to prevent unauthorized acquisition of that data.
Second, it requires prompt notification of consumers after identifying the specific information that was breached, unless it was an innocent or inadvertent breach unlikely to result in harm.
And finally, the SAFE Data Act preempts similar state laws to create uniform national standards for data security and data breach notification. We have learned during our recent hearings that consumer notification is often hampered by the fact that companies must first determine their obligations under a hodgepodge of 47 different state regimes.
With almost 1.5 billion credit cards now in use in the United States — and identity theft affecting as many as 1 in 10 Americans — the SAFE Data Act provides important new safeguards for U.S. consumers. Given the growing importance of e-commerce in almost everything we do, we can no longer afford to sit back and do nothing.
You shouldn’t have to cross your fingers and whisper a prayer when you type in a credit card number on your computer and hit “enter.”
Instead, Congress needs to hit the “refresh key” and pass legislation that will better protect American consumers in the future from online thieves.
Rep. Mary Bono Mack (R-Calif.) is chairwoman of the Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade.