US Attorney General Eric Holder

Large-scale data breaches have become all too common as of late, and US Attorney General Eric Holder wants to do more than just catch the thieves. He has asked Congress to create a federal law requiring that companies notify their customers after detecting serious intrusions. Holder's proposal would exempt firms from reporting low-risk breaches, but it would also punish companies that either don't send a quick alert or haven't been doing enough to protect data in the first place. The would-be law isn't strictly necessary when 45 states have notification requirements in place, but it would hold corporations to a similar standard across the country.