The House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade, chaired by Rep. Mary Bono Mack (R-CA), today examined the recent high-profile data breaches at Sony and Epsilon. These cyber crimes compromised the accounts and personal information of millions of Americans.
Representatives from both Sony and Epsilon testified in front of the subcommittee and provided detailed accounts of the events following the data breaches. Members were particularly interested in the companies' notification protocol following the intrusions.
Both witnesses voiced their support for federal data security legislation, stating that current standards are insufficient to protect consumers from sophisticated hackers. They expressed a need for a uniform federal notification standard to preempt the patchwork of state laws.
"Epsilon fully supports national legislation that would create a uniform standard for data breach notification. The current patchwork of individual state breach notification laws only serves to create confusion among consumers and businesses, and imposes unnecessary compliance costs," said Jeanette Fitzgerald, General Counsel for Epsilon Data Management. "A uniform national law, on the other hand, would provide predictability and equity for consumers, regardless of their state of residence, and would make it much easier and less costly for business to ensure any applicable notification requirements are met."
"By working together to enact meaningful cyber-security legislation, we can limit the threat posed to us all. We look forward to this initiative to ensure that consumers are empowered with the information and tools they need to protect themselves from cyber criminals," said Tim Schaaff, President of Sony Network Entertainment International.
Bono Mack pledged her commitment to working with her colleagues to pass comprehensive data security legislation to ensure Americans are protected from cyber crimes.
"These recent data breaches only reinforce my long-held belief that much more needs to be done to protect sensitive consumer information. Americans need additional safeguards to prevent identity theft, and I will soon introduce legislation designed to accomplish this goal," said Bono Mack.
"While I remain hopeful that law enforcement officials will quickly determine the extent of these latest cyber attacks, they serves as a reminder that all companies have a responsibility to protect personal information and to promptly notify consumers when that information has been put at risk. And we have a responsibility, as lawmakers, to make certain this happens."