| Page 2 of 2 < |
Accountability Is Key Goal of Privacy Legislation
Rep. Barney Frank (D-Mass.) heads the powerful House Financial Services Committee.
(Suzanne Plunkett -- Bloomberg News)
TOOLBOX
   Resize
COMMENT
 Discussion Policy
 CLOSE
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Who's Blogging  |
"We want to ensure that if companies take steps like using encryption as part of their overall security plan that there would be some sort of safe harbor limitation on liability, said Gasster, whose group represents some of the world's largest computer security firms.
David Sohn, staff counsel for the Center for Democracy & Technology, a policy group in Washington, said an encryption exemption in a data breach bill would help avoid alarming consumers over data breaches that have a very low likelihood of compromising their personal information.
"So long as [the legislation] is written not to exempt companies that also have their encryption keys [needed to unscramble encrypted data] stolen along with their customers' information, there is a strong argument to be made that sending notices to consumers in those cases could desensitize people into not being vigilant in cases where it really matters," Sohn said.
While some major corporations -- most recently Microsoft -- have expressed support for some kind of federal consumer privacy law to govern how companies can use, combine and trade consumer data, the effort to produce baseline privacy protections for consumers may be among the most contentious of policy debates, said Fred von Lohmann, a senior staff attorney with the Electronic Frontier Foundation.
"Data privacy is one of those areas where you're going to have very big corporate interests on both sides," von Lohmann said. "The question with this issue -- as with others -- becomes, is this an area where dueling interest groups will make it difficult for Congress to come to an effective solution, or is it something that's moving so fast that anything Congress is likely to do will end up obsolete a year or two from now?"
Consumer groups also expect corporate- and government-backed data mining practices to receive heavy scrutiny from this Congress, in part because the Senate Judiciary Committee is now headed by Patrick Leahy, a Democrat from Vermont known for his staunch advocacy on consumer privacy matters.
The Bush administration has come under heavy fire from privacy advocates for its data mining initiatives and for pressuring Internet service providers to dramatically extend the length of time that they retain records of their customers' online activities. In a shining example of how few technology policy concerns divide neatly along partisan lines, the administration's data retention plan was backed with legislation offered by Rep. Diana DeGette, a Democrat from Colorado.
Leahy declined to comment for this story, but in a speech at the Georgetown University Law Center following the mid-term election, Leahy said he plans to introduce legislation to curtail what he called the "proliferation of data brokers and the burgeoning market for collecting and selling personal information."
