Did you know that there are 47 separate state-based notification standards for data breaches? Not to mention that those notification standards vary by industry—that’s a lot to understand.
This is why many groups are calling for federal action. A coalition of national and state retail associations as well as hotels, grocery stores and petroleum sellers are calling for congress to “standardize reasonable, timely notification of sensitive data breaches whenever and wherever they occur.”
What are the benefits?
Businesses have a lot to gain from a federal data breach law. Currently congress only regulates health care and banking data security; a business in any other industry has to adhere to all of the 47 state laws when responding to a breach. Each law is vastly different; they don’t even all agree on what constitutes a breach.
A federal law would standardize the notification process and alleviate some of the pressure put on businesses to comply with and understand the individual state laws.
Will federal data breach laws protect against attacks?
The laws themselves will most likely not protect against future attacks as notification takes place after a breach has been detected and/or stopped. But, U.S. Attorney General Eric Holder said a national breach law “would enable law enforcement to better investigate these crimes and to hold compromised entities accountable when they fail to keep sensitive information safe.”
What are the cons when it comes to federal data breach laws?
As with most federal laws, there is a fear that the law would limit the power of the states. Those opposed to the law are concerned that a national law would actually reduce the number of regulators who fight data breaches on the state level.
Even with that concern in mind, those opposed to the law are open to federal regulation if there is room in the law for states to modify the law with stricter standards. These individuals would like the federal law to be a base for states to build upon.
Whether you want federal regulation or not, make your voice heard! Data breaches are going to continue to be a hot topic in 2015, so contact your state’s senators and representatives and tell them what you want from them moving forward. You are the security experts; congress needs to hear form you to make the best decision on data security laws. And share your thoughts with us below. We’re interested in hearing whether you are for or against national data breach laws.