Senate Judiciary Chairman Patrick Leahy (D-Vt.) has reintroduced a data breach bill that would set tougher rules for government agencies and private sector firms regarding consumers’ personal information.
This will be the third time around the block for the Personal Data Privacy and Security Act, which has cleared the Judiciary Committee, but never come to a vote on the Senate floor.
The bill would preempt the more than 40 state laws laying out requirements for notifying consumers in the event of a data breach, a long-deferred legislative goal that has the general support of the IT industry.
But Leahy’s bill is about more than just data breaches. Among other things, it would set baseline security information standards for government agencies, something that the Obama administration has begun to work on with the early steps of an overhaul of the government’s cybersecurity apparatus.
“This is a comprehensive bill that not only deals with the need to provide Americans with notice when they have been victims of a data breach, but that also deals with the underlying problem of lax security and lack of accountability to help prevent data breaches from occurring in the first place,” Leahy said in a statement. “Passing this comprehensive data privacy legislation is one of my highest legislative priorities as Chairman of the Judiciary Committee.”