House tries again on data breach legislation

A new bipartisan data breach notification bill hit the House Friday, weeks after lawmakers were unable to get a floor vote for a previous effort.

Reps. Randy NeugebauerRobert (Randy) Randolph NeugebauerCordray announces he's leaving consumer bureau, promotes aide to deputy director GOP eager for Trump shake-up at consumer bureau Lobbying World MORE (R-Texas) and John Carney (D-Del.) are backing the bill, which would require companies to notify customers following a breach and set nationwide data security standards.


The measure is meant as companion legislation to an upper chamber effort from Sens. Tom CarperThomas (Tom) Richard CarperWhere do we go from here? Conservation can show the way Overnight Energy: EPA to regulate 'forever chemicals' in drinking water | Trump budget calls for slashing funds for climate science centers | House Dems urge banks not to fund drilling in Arctic refuge EPA will regulate 'forever chemicals' in drinking water MORE (D-Del.) and Roy BluntRoy Dean BluntSenate braces for fight over impeachment whistleblower testimony Booker, Merkley propose federal facial recognition moratorium GOP senators defend Sondland, Vindman ousters: They weren't 'loyal' MORE (R-Mo.), introduced two weeks ago. The senators said their bill is modeled on federal financial data security requirements.

Neugebauer chairs the House Financial Services Financial Institutions and Consumer Credit Subcommittee.

The Neugebauer-Carney bill hits the House after the Energy and Commerce Committee in April advanced its own data breach bill out of committee but couldn’t get it to a floor vote amid a partisan scuffle.

The two sides of the aisle have fought over how strongly a federal bill should preempt state laws. Democrats worry a weak federal standard might supplant robust existing consumer protections. Republicans fear an invasive law could give too much power to zealous federal regulators.

Financial trade groups quickly came out in favor of Neugebauer and Carney’s offering. They argue it would hold retailers and merchants to similar standards the financial industry already must meet.

The House and Senate are both suffused with data breach notification bills, complicating any path to passage.