Congress Pushes Tighter Online Data Security

Matt O'Conner
WASHINGTON — Responding to a spate of large-scale data security breaches at ChoicePoint, Bank of America and LexisNexis, both Democratic and Republican members of Congress are calling for legislation that would require information brokers and subscription websites to do a better job of protecting personal information on their databases.

Several Congressmen from both sides of the political fence have made sweeping indictments against the state of online data security but have offered few details on how they would fix the situation.

“The troubling events at ChoicePoint, Bank of America and now LexisNexis are a window on some of these weaknesses,” said Sen. Patrick Leahy, D-Vt.

Speaking at a Senate Banking committee hearing, Sen. Jon Corzine, D-N.J., said he will introduce a bill next week that would require “the chairman or chief enforcement officer to attest to the effectiveness of the systems that provide for control of information” and notify consumers whose information is in a database of any security breaches.

Although the highly publicized data thefts have primarily targeted data brokers, Sen. Charles Schumer, D-N.Y., said any new rules should apply to all commercial websites.

“The patchwork of state and federal laws don’t do the job,” Schumer said.

Rep. Joe Barton, R-Texas, said he plans to convene a hearing on the subject on March 15.

But some computer industry experts dismiss the sudden interest in online data protection as political grandstanding.

“They're using this as an excuse to advance not-terribly-relevant privacy protections,” said Jim Harper, director of information policy at the free-market Cato Institute. “These proposals are not focused on harm to consumers, which is what matters most.”