In wake of Target breach, Sen. Leahy brings back data privacy bill

Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) reintroduced a sweeping bill that aims to protect Americans’ data from cyber thieves on Wednesday.

He put forward the legislation after a headline-grabbing hack at Target exposed information about millions of shoppers' credit and debit cards during the holiday season.

In a statement on Wednesday, Leahy said that Target's recent data breach “is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our nation.”

ADVERTISEMENT
Leahy first wrote the Personal Data Privacy and Security Act in 2005, and has reintroduced it in each session of Congress since. It has passed the Judiciary Committee multiple times but has never gotten through the full chamber.

The legislation would impose criminal penalties for people who hide security breaches that damage consumers, require companies that maintain databases with personal information to protect them and establish a nationwide standard for notifying consumers after a data breach.

“This is a comprehensive bill that not only addresses the need to provide Americans with notice when they have been victims of a data breach, but that also deals with the underlying problem of lax security and lack of accountability to help prevent data breaches from occurring in the first place,” he said.

Sens. Al Franken (D-Minn.), Charles Schumer (D-N.Y.) and Richard Blumenthal (D-Conn.) joined the bill as co-sponsors.

The Judiciary Committee will hold a hearing on data privacy early this year, Leahy said.

Recent hacks at Target, as well as the social media app Snapchat, have increased calls for the government to act to protect consumers’ information. Some have called for the Federal Trade Commission to intervene, though its authority on the subject is not well settled.