House Panel Preps ID Theft Law | Internet News
Security
SHARE
Facebook X Pinterest WhatsApp

House Panel Preps ID Theft Law

Written By
Roy Mark
Roy Mark
Mar 24, 2006
2 minute read


Republicans and Democrats have reached a compromise on
legislation mandating data brokers disclose to consumers certain unencrypted
breaches of their personal information.


The accord comes almost five months after a subcommittee of the panel
approved the Data Accountability and Trust Act (DATA Act) over the strenuous
objections of Democrats who argued the legislation lacked any real teeth.


In the original version of the bill, the public disclosure trigger was based
on a company’s evaluation that a “significant risk” of identity theft
existed with the breach. Democrats contended under that standard that breach
disclosures would be few and far between.


In the compromise version, that threshold is lowered to a “reasonable” risk
of identity theft.


“Identity theft ruins lives, and this bill … strikes a blow for consumers,”
Rep. John D. Dingell (D-Mich.) said in a statement. “It focuses on strong
security systems, notice to consumers of breaches and tough enforcement.”


In November, Dingell, the ranking Democrat on the committee, was highly
critical of the original bill, asking, “Why bother to pass a bill at all, if
this is what we propose to do to the American public?”


The amended legislation narrows the definition of data brokers to only those
companies that sell non-customer data to non-affiliated third parties.
Companies in compliance with the Fair Credit Reporting Act, Gramm-Leach
Bliley Act or the Health Insurance Portability and Accountability Act
(HIPPA) would be deemed in compliance with the DATA Act.


The bill also requires data brokers to establish “reasonable” procedures to
verify the accuracy of the information they collect and calls for the
brokers to “regularly” monitor security systems for breaches.


It also provides for a Federal Trade Commission (FTC) or independent audit
of a data broker’s security practice following a breach. The FTC could
require annual audits for a period of five years after the breach.


“Under current law, anyone has a near-perfect right to package your personal
information and do almost anything they want with it,” Energy and Commerce
Chairman Joe Barton (R-Texas) said.

“They can change it, share it, rent it or
sell it. The constraints are so flimsy they’re laughable. Our goal in
developing this legislation is to encourage a culture of strong data
security.”


The entire Energy and Commerce Committee may vote on the bill as early as
Wednesday.
Roy Mark
Internet News Logo

InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

facebook
x

Company

Contact us Advertise with us

Categories

News Enterprise Small Business Reviews Podcasts Blog Research

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information