Proposed data breach notification bill criticized as too weak

Proposed legislation that would require U.S. businesses to notify affected customers after data breaches is too weak because it would preempt stronger breach notification laws in several states and it wouldn’t cover several classes of data, including geolocation and health information, critics told lawmakers.

The proposed Data Security and Breach Notification Act covers only data linked to identity theft or financial fraud, including Social Security numbers, but would not require businesses and nonprofit groups to notify users if other information is stolen, said critics, including Democratic members of the House of Representatives Energy and Commerce Committee’s trade subcommittee.

To read this article in full or to leave a comment, please click here