Amid the massive Uber data breach in which company officials paid hackers $100,000 to cover up the incident affecting 57 million users, three Democratic senators introduced a bill Thursday that would require companies to notify customers of data breaches within 30 days of their discovery.
The legislation, proposed by Sen. Bill Nelson, D-Fla., and called the Data Security and Breach Notification Act (S.2179), would also impose a five-year prison sentence on organizations caught attempting to cover up these breaches.
"We need a strong federal law in place to hold companies truly accountable for failing to safeguard data or inform consumers when that information has been stolen by hackers," Mr. Nelson said. "Congress can either take action now to pass this long overdue bill or continue to kowtow to special interests who stand in the way of this commonsense proposal. When it comes to doing what’s best for consumers, the choice is clear."
The bill, co-sponsored by Sens. Tammy Baldwin, D-Wis., and Richard Blumenthal, D-Conn., would also require the Federal Trade Commission to develop standards for business to follow in order to better protect consumers' personal and financial data, in addition to offering incentives to businesses that adopt new technologies that make consumer data unusable or unreadable if stolen during a breach.
Mr. Nelson introduced a similar bill in the Senate last year.
More articles on cybersecurity:
Apple's heart study goes live with Stanford, American Well
Here are the 4 women named women of the year for tech in Georgia