The House Judiciary Committee swiftly approved its own data secur...
The House Judiciary Committee swiftly approved its own data security bill Thurs. The Cybersecurity Enhancement & Consumer Protection Act would add computer crimes and data theft to the Racketeer Influenced & Corrupt Organization (RICO) law and permit authorities to…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
start looking into data breaches before consumers are notified. The bill would also make hiding data breaches to impede govt. investigations a federal crime. The measure (HR-5318), sponsored by Chmn. Sensenbrenner (R-Wis.), got out of subcommittee this month (WID May 19 p8). The Business Software Alliance (BSA) welcomed the committee’s approval of HR-5318. “Cyber criminals are becoming increasingly sophisticated and organized, and law enforcement officials are in a constant race against time,” BSA Pres. Robert Holleyman said: “This bill will help close cyber loopholes in the criminal code, encourage early notification to law enforcement, and provide the necessary tools to find and prosecute online criminals.” Members also approved the House Commerce Committee’s Data Accountability & Trust Act (HR-4127), to which they were granted sequential referral. While Sensenbrenner said he had “serious concerns” about the bill, he told the committee it should report HR-4127 favorably. A speedy approval by the Judiciary Committee would allow a comprehensive data security bill to be crafted with the Judiciary Committee’s views “well represented in the process,” he said. HR-4127 requires the FTC to set reasonable security practices to secure computerized data containing personal information, and provides for nationwide breach notification. It also contains a preemption provision that purports to create a uniform national standard for handling breaches. Sensenbrenner said he feared the FTC “has virtually no expertise in the area of financial data regulation” and called this attempt at expanding its jurisdiction unwarranted. HR-4127’s allowance for state attorneys general to bring enforcement actions against financial institutions, rather than leaving regulation and enforcement to federal financial regulators, is a mistake, he added. There’s a place for AGs in enforcing violations but the Commerce Committee’s bill goes too far, he said. Although HR-4127 calls for national standards, it expressly protects state consumer protection laws and doesn’t preempt any law relating to fraud, Sensenbrenner said. “These broad exceptions raise questions about whether business entities will be subject to conflicting state and federal laws and regulations, undermining the goal of a nationwide standard,” he said. Amendments by Reps. Wexler (D-Fla.) and Scott (D-Va.) for both bills inserted special notification requirements for federal agencies, presumably created in response to the Dept. of Veterans Affairs’ massive data security breach. Those amendments were also approved by the committee.