US SB1976 | 2013-2014 | 113th Congress
Status
Spectrum: Partisan Bill (Democrat 4-0)
Status: Introduced on January 30 2014 - 25% progression, died in committee
Action: 2014-01-30 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
Pending: Senate Commerce, Science, And Transportation Committee
Text: Latest bill text (Introduced) [PDF]
Status: Introduced on January 30 2014 - 25% progression, died in committee
Action: 2014-01-30 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
Pending: Senate Commerce, Science, And Transportation Committee
Text: Latest bill text (Introduced) [PDF]
Summary
Data Security and Breach Notification Act of 2014 - Requires the Federal Trade Commission (FTC) to promulgate regulations requiring each covered entity (proprietorships, partnerships, estates, trusts, cooperatives, and nonprofit and for-profit corporations) that owns or possesses data containing personal information to implement policies and procedures regarding information security practices for the treatment and protection of such information. Establishes procedures to be followed in the event of an information security breach. Requires a covered entity that discovers a breach to notify the FTC (unless the covered entity has already notified a federal entity designated by the Department of Homeland Security [DHS] to receive such information) and affected individuals. Sets forth requirements concerning such notification, including methods of notification and timeliness requirements. Allows an exemption from notification requirements if such entity reasonably concludes that there is no reasonable risk of identity theft, fraud, or other unlawful conduct. Establishes a presumption that there is no such risk for encrypted data. Directs DHS to designate a federal entity that covered entities would be required to notify if a security breach involves: (1) the personal information of more than 10,000 individuals, (2) a database containing the personal information of more than 1 million individuals, (3) federal government databases, or (4) the personal information of federal employees or contractors known to be involved in national security or law enforcement. Requires the designated entity to provide each notice it receives to: the U.S. Secret Service; the Federal Bureau of Investigation (FBI); the FTC; the U.S. Postal Inspection Service, if mail fraud is involved; attorneys general of affected states; and appropriate federal agencies for law enforcement, national security, or data security purposes. Sets forth enforcement provisions for the FTC, state attorneys general, and the Attorney General (DOJ). Establishes criminal penalties of a fine, imprisonment for up to five years, or both, for concealment of a security breach that results in economic harm of at least $1,000 to an individual.
Title
Data Security and Breach Notification Act of 2014
Sponsors
Sen. John Rockefeller [D-WV] | Sen. Dianne Feinstein [D-CA] | Sen. Bill Nelson [D-FL] | Sen. Mark Pryor [D-AR] |
History
Date | Chamber | Action |
---|---|---|
2014-01-30 | Senate | Read twice and referred to the Committee on Commerce, Science, and Transportation. |
2014-01-30 | Senate | Sponsor introductory remarks on measure. (CR S656-657) |
Same As/Similar To
HB4400 (Related) 2014-04-11 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
SB2378 (Related) 2014-05-21 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
HB4711 (Related) 2014-05-23 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
SB2378 (Related) 2014-05-21 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
HB4711 (Related) 2014-05-23 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
Subjects
Administrative law and regulatory procedures
Bank accounts, deposits, capital
Banking and financial institutions regulation
Business records
Civil actions and liability
Commerce
Computer security and identity theft
Computers and information technology
Congressional oversight
Consumer affairs
Consumer credit
Criminal investigation, prosecution, interrogation
Federal Trade Commission (FTC)
Fraud offenses and financial crimes
Intelligence activities, surveillance, classified information
Internet and video services
Right of privacy
Small business
Social work, volunteer service, charitable organizations
Bank accounts, deposits, capital
Banking and financial institutions regulation
Business records
Civil actions and liability
Commerce
Computer security and identity theft
Computers and information technology
Congressional oversight
Consumer affairs
Consumer credit
Criminal investigation, prosecution, interrogation
Federal Trade Commission (FTC)
Fraud offenses and financial crimes
Intelligence activities, surveillance, classified information
Internet and video services
Right of privacy
Small business
Social work, volunteer service, charitable organizations
US Congress State Sources
Type | Source |
---|---|
Summary | https://www.congress.gov/bill/113th-congress/senate-bill/1976/all-info |
Text | https://www.congress.gov/113/bills/s1976/BILLS-113s1976is.pdf |