Energy and Commerce Committee Approves Data Accountability and Trust Act

The House Energy and Commerce Committee last week approved H.R. 4127, Rep. Cliff Stearns' Data Accountability and Trust Act (DATA Act). "For years, I have been working to enhance consumer privacy and security for individual's personal information," said Sterns, who represents Florida's Sixth district. "I am pleased that the full committee approved my legislation to combat identity theft and to protect consumers' personal information.

"According to the Federal Trade Commission," said Sterns, "in a one-year period 10 million Americans were victimized through identity theft, costing businesses $48 billion and consumers $5 billion." Stearns offered, and the Committee approved, an amendment improving the underlying bill. H.R. 4127 would, according to a release from Stearns' office:

• Require any entity that experiences a breach of security to notify all those in the United States whose information was acquired by an unauthorized person as a result of the breach. Conspicuous notice on the breached entity's Web site is also required. The FTC must also be notified.
• Direct the FTC to create rules setting rigorous national standards for data brokers to protect personal information.
• Require data brokers to have a security policy that explains the "collection, use, sale, other dissemination, and security" of the data they hold.
• Require entities to appoint and identify a person in the organization that is responsible for information security.
• Provide for an FTC or independent audit of an information broker's security practices following a breach of security. Permit the FTC to conduct or require audits for a period of five years after the breach, or until the commission determines security practices are in compliance with the act and are adequate to prevent further breaches.