Still-Divided Committee Passes Data Breach Bill

By a vote of 29 to 20, a still politically divided House Commerce Committee approved the Data Security and Breach Notification Act. It is now expected to be taken up in the House, though both Republicans and Democrats signaled there would be changes to the bill before then. The bill, co-sponsored by House Commerce Committee vice chair Marsha Blackburn (R-TN) and Rep Peter Welch (D-VT), would require entities that collect personal information to secure it and provide notice to individuals if that security is breached. It would do so by preempting the current "patchwork" of laws with a single, national protection/notification standard.

At the markup of the bill on April 15, its bipartisan co-sponsorship was belied by the political and issue divides that still remained. Chief among them is the bill's preemption of state data security breach protection laws, which Rep Welch says is necessary and other Democrats say could wind up weakening protections given a national standard they say does not sufficiently protect personal information. Another big issue is how the Federal Trade Commission and Federal Communications Commission would divide up oversight of privacy. The bill would move some of the FCC's oversight of CPNI to the FTC.