Wednesday, March 7, 2007
Federal Data Security Bill Still At An Impasse
Lobbyists for the financial services industry are expressing concern that the Democratically controlled Congress may produce a data security bill that is more onerous than what the industry had been hoping for, and that gives state attorneys general more enforcement authority than they would like to see. The difficulty that has stymied an agreement on legislation thus far has been the inability of the financial services industry to work out jurisdictional issues with states, as advocated by the House Energy and Commerce Committee. That Committee would subject banks to rules written and enforced by the FTC and state attorneys general, and has reintroduced a bill to that effect that was approved in committee last year. The Financial Services Committee, on the other hand, hopes to work out the jurisdictional issues with the E&C Committee in order to introduce a compromise bill. On the Senate side, the chairman of the Judiciary Committee, Senator Patrick Leahy, has reintroduced a far-reaching data security bill approved by his committee last year, that also defers to the authority of the state attorneys general. Joining this Senate bill are two other Senate bills introduced by Senator Dianne Feinstein, one outlawing the sale of Social Security numbers, and the other a data breach notification bill. The American Bankers Association supports a data security bill, but opposes the involvement of state attorneys general. It is concerned with the regulatory burden of multiple state standards, and has been lobbying for a single national standard. Thus, lobbyists for the financial industry state that the industry would not be disappointed if the bills, as currently written, do not move forward during this session of Congress.