Image credit: Kevin Lamarque / Reuters

Proposed Senate bill could send execs who conceal breaches to jail

Similar legislation failed to pass in 2015.
Equifax Interim CEO Paulino Barros (L), former Equifax CEO Richard Smith (C) and former Yahoo Chief Executive Marissa Mayer testify before a Senate Commerce, Science and Transportation hearing on "Protecting Consumers in the Era of Major Data Breaches" on Capitol Hill in Washington, U.S., November 8, 2017. Kevin Lamarque / Reuters

A re-introduced Senate bill addresses a timely topic by making it a crime, punishable by up to five years in prison, for companies to knowingly conceal a breach of customer information. After a slew of cyber attacks (like the one on Equifax) and news that Uber concealed a breach impacting some 57 million people, Sen. Bill Nelson, the ranking Democrat on the commerce committee, is reviving a bill he tried to pass during the last session called the "Data Security and Breach Notification Act."

If it becomes law, it would overrule the many state laws regulating breach notifications by establishing a nationwide standard. It requires companies to notify customers within 30 days and carries the potential criminal penalties. It also directs the FTC to develop standards that businesses must follow if they collect customer information, like naming a person in charge of information security, establishing a process to identify vulnerabilities, having a process for the disposal of information, and other items in that vein.

In a statement, Nelson said, "Congress can either take action now to pass this long overdue bill or continue to kowtow to special interests who stand in the way of this commonsense proposal. When it comes to doing what's best for consumers, the choice is clear."

In 2015, Nelson's bill was one of several introduced to deal with the issue of protecting customers from these leaks, and it's likely that it will again have company. Splits, mostly along party lines, over privacy concerns and potential over-regulation are some of the reasons legislation didn't pass then, and they could prevent it from passing again.
