Senator sets out to pay back campaign donors by weakening financial privacy and data security laws.
January 12, 2007 - On Wednesday, Dianne Feinstein (D-CA) reintroduced a bill that had died in the 109th Congress. She wants you to think that the Notification of Risk to Personal Data Act would require companies and the government to notify you when your personal data is lost, stolen or otherwise accessed without proper authorization. But the bill is filled with enough loopholes that you could fly a jumbo jet through them, and it wouldn't even be a tight fit. Once again, Feinstein proves that she can write the best legislation that corporate money can buy. And yes, the financial services industry is her largest donor.
The press release from Feinstein’s was something to behold. It read in part, “the increased frequency of data breaches demonstrates that the legislation is needed sooner rather than later. Major data breaches have occurred in recent months at Boeing, UCLA, the Colorado Department of Human Services, Starbucks, the Chicago Voters’ Database, and Akron Children’s Hospital.”
“It’s critical that victims of a security breach are informed promptly when their personal or financial information has been compromised,” Senator Feinstein said. “Individuals cannot take the appropriate steps to protect themselves if they are not armed with detailed information about the breach. Without that knowledge, individuals are left defenseless to identity thieves.”
At ACCESS we agree with the good Senator’s statement. But the draft of the actual bill doesn’t accomplish any of the goals she laid out in the press release. In fact, had her bill been in place at the time of the data breaches mentioned, it is highly unlikely that we ever would have heard about any of them. That’s because of the loopholes it creates.
Specifically, the bill will allow anyone causing a data breach to conduct a risk assessment. If they determine that the risk for identity theft is low, then they won’t have to notify you when a data breach occurs. It also contains a number of loopholes to exempt government agencies from compliance.
None of this would be so bad if the bill was designed to set a federal minimum standard for how companies and government agencies should handle data breaches. But that is not the intent here. If passed into law, the bill would overturn data breach laws in more than 30 states; most of which are substantially stronger than Feinstein’s proposal.
But that’s the whole point. Dupe the voting public into believing that she is doing something good for them when in fact she is weakening existing consumer laws around the country and helping out those who donate to her campaigns.
In the last Congress, a number of similar proposals were defeated. At ACCESS, we are advising everyone to contact their elected representatives and tell them that they want more rights with regard to the way their data is used and that this bill should be defeated.
Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.
Only registered users can write comments.
Please login or register. |
Politics & Politicians 
