• Categories

  • Archives

    « Home

    CNN: Holder says Congress should require companies to disclose data breaches

    CNN reports that U.S. Attorney General Eric Holder wants more protection for consumers whose private data is revealed through security breaches at companies:

    Attorney General Eric Holder is calling on Congress to require companies to more quickly alert customers when their personal information is put at risk in cyberbreaches. […]

    Federal law currently doesn’t offer any standard for companies to notify customers following breaches, though some states have notification laws. Many companies are wary that public notification will hurt their business.

    Proposals in Congress to require a uniform notification and security standard have languished for years.

    Support for one bill proposed by Sen. Patrick Leahy, D-Vermont, has grown in the wake of the massive breach of retailer Target, which Holder says compromised personal information of up to 70 million people, including credit- and debit-card data of 40 million Target customers.

    Leahy’s bill proposes to do much of what Holder is asking. […]

    One criticism of mandated notification is that the number of such reported crimes could overwhelm law enforcement. Holder, in his video message, says any legislation should also provide exemptions for minor breaches.

    Leave a Reply