Attorney General Supports National Notification Standard for ID Theft

February 24, 2014

U.S. Attorney General Eric Holder, citing the recent massive data theft at retailer Target Corp., urged Congress on Monday to enact a national standard for notifying consumers about such breaches.

“This would empower the American people to protect themselves if they are at risk of identity theft,” Holder said in a statement urging congressional action. “It would enable law enforcement to better investigate these crimes – and hold compromised entities accountable when they fail to keep sensitive information safe.”

Data thefts at Target and luxury retailer Neiman Marcus Group LLC have rekindled enthusiasm in Congress for a single federal law on how customers should be notified about such breaches. But those efforts face the same roadblock as in the past: dozens of overlapping state laws are already in place.

Federal laws regulate how specific industries, such as banks and hospitals, handle compromised data security, but other kinds of companies, including retailers, face no such uniform standard.

Instead, 46 states and the District of Columbia have passed their own laws that tell companies when and how consumers have to be alerted to data breaches and what qualifies as a breach. Negotiations over fitting state standards under an umbrella federal law therefore face a tug of war among companies, consumer advocates and state authorities.

The National Retail Federation in a January letter to Congress restated its decade-old position in favor of a nationwide standard that would pre-empt state rules.

But some state attorneys general worry that federal standards would dilute their power to pursue violators.

Saying that data breaches “are becoming all too common,” Holder said Justice Department officials were working closely with the FBI and prosecutors to combat cyber criminals.

“It’s time for leaders in Washington to provide the tools we need to do even more,” he added, urging Congress “to create a strong, national standard for quickly alerting consumers whose information may be compromised.”

 

Subscribe Insurance news headlines delivered to your email.
Get a free subscription to our popular email newsletter.

Latest Comments

  • February 24, 2014 at 4:17 pm
    Crane says:
    I fail to see how notification will help in prosecuting these criminals. If a breach is multi-state, then perhaps it should be a federal crime. If only intrastate, then it sho... read more
  • February 24, 2014 at 1:46 pm
    Suspicous of Eric Holder says:
    Eric Holder why don't you work on the healthcare.gov website before you clean up the rest of the world? Hypocrite!
See all comments

Add a Comment

Your email address will not be published. Required fields are marked *

*

More News
More News Features