Congress introduces security breach bills

Share this content:

Members of Congress introduced security breach bills during the first half of the month, and the industry is watching the action closely to see if a federal bill will be passed.

In the Senate, Sen. Patrick Leahy (D-VT), chairman of the Senate Judiciary Committee, and Sen. Arlen Specter (R-PA), ranking member of the same committee, introduced on Feb. 6 a revised version of their Personal Data Privacy Act that was approved by the Senate Judiciary Committee last year but died before a floor vote. A key feature of the legislation, S. 495, includes increasing criminal penalties for identity theft involving electronic personal data and making it a crime to intentionally or willfully conceal a security breach involving personal data.

"We've been in favor of a national standard in security breaches for a long time, and we expect a security breach bill to be passed in Congress this session," said Jerry Cerasale, senior vice president of government affairs for the Direct Marketing Association.

A security breach bill was also introduced in the House on Feb. 8 by Reps. Bobby Rush (D-IL) and Cliff Stearns (R-FL). The bill, The Data Accountability and Trust Act (DATA), HR 958, which is currently in the Energy and Commerce committee, says that any business that houses personal information must implement specific security practices, including methods for dealing with disposal of "obsolete" information. The bill would also mandate notification requirements in the event of a breach of personal data.

Mr. Cerasale said that the DMA has worked hard to make sure that marketing data is not covered in either bill.

"We want to make sure that if I buy a 'Save the Children' tie, that you can't steal my identity with that information," Mr. Cerasale said. "Our push is to ensure that marketing data is not included within the scope of notification."

The House bill allows for access and correction, meaning marketers must let consumers access or change data.

"This is something we oppose because we see this as a possible security risk rather than a security enhancement," Mr. Cerasale said. "If consumers can go in and get or change data, crooks may be able to go in and change data as well. [The function] takes away a tool to help marketers nip identity theft in the bud."

Mr. Cerasale, however, said that the DMA is working with Congress on both bills and hopes the right one will be passed.

"It's not like we are miles apart in agreement," he said. "We are dealing with a few issues and we are going to be working hard on this and hope to get it solved soon."

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above