MOVING FORWARD IN SHAPING DATA PROTECTION LEGISLATION

Washington, Jul 28, 2005 - "The best approach for reducing data security breaches is achieved by empowering the consumer, business, and other stakeholders to be informed, in control, and encouraged to utilize the best technology to enhance data security and prevent identity theft," stated Rep. Cliff Stearns (R-FL), Chairman of the Commerce, Trade & Consumer Protection Subcommittee.  "In crafting robust and effective legislation, the point we need to make is that security sells.  Consumers must be confident that their information is secure."

The subcommittee today heard testimony on the draft language for bipartisan data security legislation.  Stearns outlines the main points of the proposal, "it requires entities that hold personal information to establish and implement appropriate security policies to prevent unauthorized acquisition of consumer data; requires consumer notification in the event of a material security breach of a database; imposes special requirements on those who compile and sell consumer data to third parties; and includes preemption of similar state laws to create a uniform national standard for data security and breach notification."

The witnesses expressed support for the major points of the draft proposal, and suggested specific changes that they believed would enhance the bill.  Daniel Burton, Vice President of Government Affairs for Entrust, Inc., praised these points of the proposal, "It focuses on electronic data, covers all persons who hold personal data and includes special requirements for data brokers, encourages comprehensive information policies and procedures, establishes a national breach requirement that pre-empts state law, gives regulatory authority to the FTC, and points to a reasonable notification standard."  Burton also proposed that the bill include a requirement for "the active engagement of executive management, creating an exemption for encryption, and a definition of encryption."

"I appreciate the input of our witnesses," concluded Stearns.  "My goal is develop this legislation through a bipartisan, open process that allows for constructive debate and discussion.  I will continue to solicit input to refine the bill to yield a balanced and effective product."