In July 2003, California was among the first states to take a stand against companies hiding behind a previously guaranteed veil of anonymity. The California Security Breach Information Act (SB 1386) specifies that information accessed by unauthorized parties requires mandatory and timely disclosure to the people whose information was affected. The law has been so soundly received by consumers that dozens of other states are taking it upon themselves to enact similar laws.

After the ChoicePoint debacle this year, the U.S. Congress decided to get involved. Congress was tired of companies not affected by California's law getting away with not reporting lax security.

Finally, I thought, we will get some accountability.

Unfortunately, it appears highly likely that a weaker federal law -- which would invalidate stronger state laws like California's -- will be passed. The Data Accountability and Trust Act, or DATA Act, defangs the primary intent of the California law and will ensure that the public will rarely be informed when their personal information has been compromised.

And the House Committee on Energy and Commerce is bragging about this.