Senators introduce bipartisan data breach legislation

Senators introduce bipartisan data breach legislation

Congress is growing cluttered with legislation that would set nationwide data security standards for companies.

Sens. Tom CarperThomas (Tom) Richard CarperConsensus forming for ambitious climate goal: Net zero pollution Overnight Energy: Controversial Trump adviser reportedly returning to EPA | Delta aims to be first carbon neutral airline | Dem senator gives EPA D-minus on 'forever chemicals' Democratic senator gives EPA a D-minus on implementing PFAS action plan MORE (D-Del.) and Roy BluntRoy Dean BluntSenate braces for fight over impeachment whistleblower testimony Booker, Merkley propose federal facial recognition moratorium GOP senators defend Sondland, Vindman ousters: They weren't 'loyal' MORE (R-Mo.) on Thursday introduced the Data Security Act, the Senate’s second major bill on the topic.


In addition to the minimum data security requirements, the bill would also instruct companies on how to notify customers in the wake of a breach.

“Nearly every day it seems we hear of another data breach that has compromised consumers’ sensitive information,” Carper said in a statement. “Yet despite the increasing frequency and scope of data breaches, there still is no single federal law that provides clear, consistent, and comprehensive protection to American consumers impacted by a data breach.”

The pair has tried to move the bill several times before but gotten nowhere.

But a rash of data breaches at major retailers and banks over the past year has given new life to cyber bills on Capitol Hill. Lawmakers made moving cyber legislation a priority in 2015.  

It has created a glut of offerings.

In January, Sen. Bill NelsonClarence (Bill) William NelsonThe most expensive congressional races of the last decade Lobbying world Bottom Line MORE (D-Fla.), the top Democrat on the Senate Commerce Committee, offered his own bill on the subject. It mirrors a White House proposal and contains many similarities to the Carper-Blunt offering.

Nelson told The Hill Wednesday night that he was working with Commerce Committee Chairman John ThuneJohn Randolph ThuneMcConnell tees up votes on two abortion bills Senate votes to rein in Trump's power to attack Iran As many as eight GOP senators expected to vote to curb Trump's power to attack Iran MORE (R-S.D.) to find a way to move his bill, possibly complicating the path forward for the Carper-Blunt effort.

In addition to the Senate bills, the House is also trying to act on two similar measures. It has generated some confusion, as lawmakers jockey over which bill to support.

In a surprising House Energy and Commerce Committee markup Wednesday, all Democrats — including the bill’s co-sponsor — pulled support for an offering from Reps. Marsha BlackburnMarsha BlackburnAbortion wars flare up in Congress Hillicon Valley: Judge approves T-Mobile, Sprint merger | FTC to review past Big Tech deals | State officials ask for more cybersecurity help | House nears draft bill on self-driving cars Senate GOP blocks three election security bills MORE (R-Tenn.) and Peter WelchPeter Francis WelchA disaster for diplomacy and the Zionist dream Sanders endorses 9 progressive House candidates Biden leads 2020 pack in congressional endorsements MORE (D-Vt.).

But Welch later insisted his bill was still alive and could hit the floor soon, despite an analogous bill from Reps. Joe Barton (R-Texas) and Bobby Rush (D-Ill.) that would seem to have more Democratic support.

Carper maintains his bill, modeled after federal financial data security requirements, would ensure that “entities handling secure personal and financial information take the steps necessary to protect it and respond swiftly and effectively in the unfortunate event of a breach.”

But more importantly, lawmakers must act on something, he said.

“It’s long past time for Congress to act to implement a national data breach law.”