Cerasale: Expect Federal Data Breach Law This Year

Share this content:
NEW YORK -- One of four federal data breach notification bills probably will pass this year, according to Jerry Cerasale, senior vice president, government affairs at the Direct Marketing Association.

Cerasale briefed list professionals at a legislative update held yesterday by the DMA's List and Database Council.

"Odds are much higher now that a federal security breach law will pass before October 2006," he said.

Cerasale cited the four bills that the DMA considers important, listing those in the Senate Commerce Committee, Senate Judiciary Committee, House Financial Services Committee and House Energy and Commerce Committee as the ones from which the eventual law will come.

The federal bills resemble the California data breach notification law that prompted data broker ChoicePoint to reveal breaches early last year. Some other data breaches revealed last year involved LexisNexis, DSW Shoe Warehouse and CardSystems Solutions.

Cerasale said the details of the federal legislation likely to pass should become clearer in a few months. Meanwhile, the DMA is satisfied with many of the provisions in the bills. All four discussed by Cerasale would preempt state data breach notification laws.

Though all four bills say that the sensitivity of the personal information dictates whether breach notification is necessary, differences exist on what constitutes sensitive data. Three of the bills define sensitive data as name, address, e-mail address and other marketing data only if accompanied by a Social Security number, driver's license data or an account number such as a credit card number.

However, the Senate Judiciary bill added any government identification, mother's maiden name and exact date of birth as qualifying sensitive data when coupled with marketing data like name and address, Cerasale said.

In all four, the trigger for mandatory notification is set at "significant risk," a term still not clearly defined. There has been talk of changing "significant" to "reasonable" in the House Energy and Commerce bill, he said, though it is unclear how big a difference in the notification threshold that would make.

A major issue with the Senate Judiciary bill involves a provision that calls for access and correction for breached data, meaning that a consumer who was the victim of a breach of sensitive data would have the right to access his file and correct any errors. The DMA opposes this based partly on the expense but also because access might undercut antifraud measures, Cerasale said. He predicted a battle over this provision.

While the House Financial Services bill covers breach notification only, the other three have information broker provisions.

"Information brokers are defined as a person who rents, sells, exchanges, etc., personal information to a third party on non-customers," Cerasale said. The data that ChoicePoint sells to employers for applicant background checks would be an example.


Next Article in Marketing Strategy

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above