Tech companies support national data-breach law


“Clarity around actions to be taken in the event of a data breach will serve both cloud consumers and providers,” the foundation said in its report. “Timely notification and transparency to consumers (individuals, organizations and governments) enables rapid response and the opportunity to minimize damage.”

The report also recommended strengthening criminal laws to prosecute people who attack computer systems and networks. 

Dan Reed, Microsoft’s vice president of technology policy and strategy, said current laws punishing data breaches are “antiquated."

He said: "If you think about the penalties for penetrating one account versus a hundred thousand accounts, it’s very hard right now to make clear criminal distinctions between those when in fact their effects on individuals are substantially different."

Republicans on the House Commerce, Manufacturing and Trade subcommittee approved the SAFE Data Act to establish a uniform national standard for notifications of data breaches last week. The bill now awaits a vote in the full Energy and Commerce Committee.