Obama Proposes Personal Data Notification Law

Jan 13, 2015

New statute would require companies to report break-ins to consumers.

President Obama proposed new legislation that would standardize rules for companies reporting credit card compromise to their customers. The "Personal Data Notification and Protection Act” (if enacted by Congress) would require that companies inform their customers within 30 days after discovering an attack.
In the US, statutes related to reporting cybercrime are typically defined at the state level, meaning that the country has a confusing muddle of different laws with different requirements and protections. The situation is especially confusing for a consumer doing business with a company in another state. The law proposed by the president would provide uniform requirements for consumer protection.
Some consumer advocates have pointed out that, although the law would raise the notification requirements for several states, for other states, the federal law will be less strict than laws already in place. The intent of the law is apparently to set a minimum that would then allow states to set stricter requirements, but some advocates are waiting for the details before voicing support for the initiative.
President Obama also proposed the Student Data Privacy Act, which would restrict the ability of technology companies to profit from data mining students using Internet-connected devices in educational settings.

Related content

comments powered by Disqus

Issue 34: Linux Shell Handbook 2019 Edition/Special Editions

Buy this issue as a PDF

Digital Issue: Price $15.99
(incl. VAT)