Sens. Specter, Leahy Offer Data Privacy Bill

Share this content:
A bipartisan Senate bill introduced this week would require notification of consumers in the event of a data breach as well as increase penalties and include jail time for company executives who fail to provide notification.

The Personal Data Privacy and Security Act of 2005, introduced June 29 by Judiciary Committee chairman Arlen Specter, R-PA, and Sen. Patrick Leahy, D-VT, also contains a provision that would grant consumers access to and the opportunity to correct public records, as well as a provision to limit the buying, selling and displaying of Social Security numbers.

This action followed the June 17 reports that CardSystems Solutions Inc., which claims to process $15 billion in Visa, MasterCard, American Express and Discover transactions annually, announced it had discovered a possible security breach May 22 and had contacted the FBI and the Visa and MasterCard card associations.

"CardSystems immediately began a remediation process to ensure all systems were secure," the Tucson, AZ, company said in a statement. "Additionally, CardSystems immediately engaged an independent third party to validate systems security."

Unauthorized storage of credit and debit card transaction data allowed the security breach at the third-party credit and debit card processing firm, potentially exposing 40 million cardholders to risk, according to The New York Times and Associated Press reports.

Also on June 17, MasterCard International revealed that the 40 million cards at possible risk included 13.9 million MasterCard-branded cards. According to MasterCard, its security team detected the breach and has directed CardSystems to come into compliance with the firm's security requirements.

CardSystems chief executive John M. Perry told the Times and AP that about 200,000 records across all card issuers were confirmed as stolen and that the data were being stored by his company without authorization and in violation of the credit card issuers' rules. He said the records were kept for research but that the practice was immediately discontinued. Transactional records include name, account number, expiration date and security code.

MasterCard told the press that 68,000 of its card accounts were identified as high risk because the data were exported from CardSystems.

In reaction to the news, the Federal Financial Institutions Examination Council, a group of five federal banking regulators, said June 21 that it was looking into the breach.

Even before this breach was revealed, federal legislators were crafting several bills on data security and identity theft. The Senate Committee on Commerce, Science & Transportation considered legislative options at a hearing on those topics June 16.

With a potential 40 million cardholders at risk, the CardSystems breach is seemingly the largest made public. Others have included CitiFinancial with 3.9 million customers at risk, data provider ChoicePoint with 145,000 consumers notified of a breach and LexisNexis with 312,000.

Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting

Sign up to our newsletters

Company of the Week

USAData helps businesses find new customers and grow their current customers through a combination of data and digital marketing services, and easy-to-use SaaS technology products. We enrich customer data so businesses can more effectively target and communicate with customers, and connect them with their best look-alike prospects through digital and traditional channels. We make it easy through simple, self-serve applications and APIs, as well as through full-service programs managed by our Data and Digital experts. 

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above