In 2005, ChoicePoint, a data broker, gave access to personal information about more than 140,000 people to criminals posing as businesspeople. Since that widely publicized security breach, many states have passed laws protecting consumer information, but Congress still has not come through. Now, the House is considering a bill to require greater security for personal data. Consumers deserve this sort of protection.
One of the downsides of the technology revolution is that private information is more vulnerable than ever. Security breaches happen on a vast scale. A few years ago, when the laptop computer of an employee of the Department of Veterans Affairs was stolen from his home, the Social Security numbers and dates of birth of more than 25 million veterans and active-duty soldiers were put at risk of theft.
Representative Bobby Rush, an Illinois Democrat and chairman of the House Subcommittee on Commerce, Trade and Consumer Protection, is pushing a bill, H.R. 2221, to require companies holding electronic data containing personal information to adhere to security policies established by the Federal Trade Commission. The bill would require that companies notify affected individuals when their personal information is breached.
The bill also would strike a blow against companies that compile inaccurate dossiers on consumers. It would require data brokers— companies that collect and sell consumer data— to establish procedures for individuals to review the information being held on them and to correct it if it is wrong.
For all of its promise, the bill poses a risk. The vast majority of states now have good data security laws that have forced companies to act more responsibly than they once did. The House bill contains a “pre-emption” provision that would wipe out those state laws in the specific areas covered by the new federal law.
Pre-emption of consumer laws is generally not a good idea. States should be allowed to offer their residents greater protections, and to experiment with new approaches. For the federal law to be worth passing, it must offer more than state laws do. Mr. Rush’s bill has enough going for it— particularly the provision allowing consumers to correct errors in their data files— to be a step forward. But as lobbyists for data brokers and other businesses descend on the legislation, it is important that Congress not water down the protections that are in the current bill.
26 May 2009
Data mining
The New York Times has an editorial about your data and the people who want it:
No comments:
Post a Comment
No more Anonymous comments, sorry.