House panel approves data breach notification bill

20.07.2011
A U.S. House of Representatives subcommittee has voted to approve a bill that would require companies to notify affected customers about data breaches and would require businesses holding personal information to establish data security programs.

The House Energy and Commerce Committee's trade subcommittee approved the (SAFE Data Act) by a voice vote Wednesday, after hours of debate on the legislation. Democrats on the subcommittee offered several amendments in an effort to broaden the types of personal data the bill would cover, but the majority Republicans rejected the amendments.

The bill is filled with "loopholes that sacrifice data security and privacy," said Representative Henry Waxman, a California Democrat. "A bill that is supposed to be enhancing data security and consumer privacy would actually seriously undermine it."

Representative Mary Bono Mack, the subcommittee chairwoman and a California Republican, urged lawmakers to move forward with , which she sponsored.

"It's time for Congress to take decisive action," she said. "Sophisticated and carefully orchestrated cyber-attacks -- designed to obtain personal information about consumers, especially when it comes to their credit cards -- have become one of the fastest-growing criminal enterprises here in the United States and across the world."

The bill now heads to the full committee for debate and a vote. The legislation would require businesses to report data breaches within 48 hours in most cases, and it would require the U.S. Federal Trade Commission to create data security rules for businesses that hold personal data.