The stream of high-profile data thefts this winter has turned a trickle of concern over information protection and privacy into a torrent of action on Capitol Hill. Congress will hear a second round of testimony this week from ChoicePoint Inc. executives—and thats just a small part of whats on tap.
Over the next few months, new bills will be drafted to establish parameters for the collection, storage and use of personal data, spanning Internet-based technologies from spyware and hacking to so-called evil-twin attacks. Issues once viewed as separate legislative matters, such as spyware and phishing, are being combined as lawmakers gradually formulate broader privacy policy.
Several senators, including Chuck Schumer, D-N.Y., and Patrick Leahy, D-Vt., are working on data protection measures that address the responsibility of legitimate data collectors and the punishment of law breakers.
Identity theft “is the crime of choice these days,” Schumer said last week at a hearing of the Senate Committee on Banking, Housing and Urban Affairs.
Both the Federal Trade Commission and the Securities and Exchange Commission are investigating the ChoicePoint incident. FTC Chairman Deborah Platt Majoras told the committee that Congress should consider a notification requirement for consumers. And following Bank of America Corp.s loss of back-up tapes, Sen. Jon Corzine, D-N.J., unveiled a bill late last week that would require company officials to attest that data is safe.
Privacy legislation introduced earlier this year is now moving rapidly, spurred by recent data thefts at ChoicePoint, Bank of America, Reed Elsevier Inc.s Lexis-Nexis and DSW Inc. Measures long promoted by a few lawmakers are gaining wider appeal.
An anti-spyware bill won unanimous approval last week from the House Commerce Committee and a promise from key members for timely action by the full chamber. A similar bill won resounding approval by the House last year, but it stalled in the Senate.
In a nod to industry concerns that the bill could be too broadly interpreted and ensnare legitimate data collection practices, the committee amended it to explicitly exempt HTML and Java to the extent that they facilitate ordinary construction of Web pages.
“In my mind, invading a personal computer is not different from breaking and entering into a persons home,” said Rep. Joe Barton, R-Texas. “I want the FTC to go after these spyware folks and … go after them with a vengeance.”
Barton said he received assurances that the Senate will act on spyware this year and not let the initiative die as it did in the last session of Congress.
Sen. Conrad Burns, R-Mont., plans to reintroduce his SPYBLOCK measure by this summer, said a Burns aide. “The draft is being fine-tuned,” the aide said, adding that the bill is going to be “extremely similar” to the one introduced in the last session of Congress. Rather than lack of support, lack of time killed the measure the first time around, the aide said.