As Data Breach Legislation Advances in House, Subcommittee Votes Against Strengthening Protections for Consumers

Washington, DC - Today the Commerce, Manufacturing, and Trade Subcommittee of the House Energy & Commerce Committee marked up the draft Data Security and Breach Notification Act of 2015 and voted to advance the bill to the full committee. That bill, as OTI has described in testimony before the House last week and elsewhere, would, contrary to its name, eliminate key protections for sensitive information under existing state law and the Communications Act.

Voting along party lines, the subcommittee declined to include any pro-consumer amendments offered by Democrats, who have almost unanimously panned the draft bill. The amendments that were voted down included a proposal to make the category of information covered by the bill more flexible and expansive, proposals to preserve key privacy protections of the Communications Act, and proposals to retain states’ rights to pass and enforce related laws.

The following can be attributed to Laura Moy, Senior Policy Counsel of the Open Technology Institute:

“It is extremely disappointing that this data breach bill is advancing in its current form, which is unacceptably weak. The bill as drafted would seriously weaken existing data security and breach notification standards enacted at the state level and under the Communications Act. Worse, it would eliminate data security and breach notification requirements that currently apply to cable and satellite viewing histories and some health information.

“Put simply, it would be better for consumers’ privacy to pass no bill at all than to pass this bill in its current form. Several members of the subcommittee share our concerns with the draft and voiced them at today’s markup. We are hopeful that those concerns will be addressed in the full committee, and look forward to working with the committee to improve the bill at that stage before it progresses further.”