Lawmaker Pushes Bill That Requires Encryption by Pennsylvania State Employees

This bill would protect Pennsylvanians by requiring that state employees use encryption when transmitting Social Security numbers, driver’s license numbers, financial information and other sensitive data.

by J.D. Prose, Beaver County Times, Pa. / April 14, 2017
Shutterstock

(TNS) -- State employees would be required to use encryption to guard work material containing sensitive data under legislation being offered by Rep. Rob Matzie.

Matzie’s Protecting Commonwealth Data bill, House Bill 1325, “would protect Pennsylvanians by requiring that state employees use encryption when transmitting Social Security numbers, driver’s license numbers, financial information and other sensitive data,” he said in a statement Thursday.

“My common-sense measure would help make transactions with the state safer by curtailing the use of nonsecure internet connections,” said Matzie, D-16, Ambridge.

Matzie’s bill joins others introduced by House Democrats, including Washington County state Rep. Brandon Neuman, after the Republican-controlled Congress recently rolled back internet privacy regulations.

Currently, Pennsylvania does not require state employees to use encryption, said Matzie, who warned that this lax “defensive programming” could create “a security gap that could be exploited.”

Matzie introduced similar legislation in 2014, but it failed to receive a House floor vote after unanimously being moved out of the House Consumer Affairs Committee.

In his statement, Matzie referred to hacking cases involving government bodies, including the state Senate, that make it clear that Pennsylvania must take measures to protect consumers’ privacy.

“The recent federal action has forced states to push for safeguards, and a host of bills are being crafted or introduced all over the country to solidify consumer protections,” he said.

Neuman, D-48, North Strabane Township, also announced Thursday that he is drafting legislation to require internet service providers to obtain permission from customers before storing, sharing or selling sensitive personal information.

His soon-to-be House Bill 1321 would restore those protections by the Federal Communications Commission that were eliminated by Congress.

“Citizens deserve a say on if, when and how their personal, online information, such as Social Security numbers and health information, is used or sold,” Neuman said in a prepared release. “Citizens are not cyber-serfs whose online privacy is available for the taking by the highest bidder.”

Neuman’s bill would require internet service providers receive permission to sell consumers’ information, such as minute-to-minute locations, health and financial data, and web browsing and app usage histories.

It would also allow consumers to opt-out of having their nonsensitive information shared and prohibit internet service providers, commonly referred to as ISPs, from denying service to customers who choose not to have their information sold.

©2017 the Beaver County Times (Beaver, Pa.) Distributed by Tribune Content Agency, LLC.

Platforms & Programs