US SB1207 | 2011-2012 | 112th Congress
Status
Spectrum: Partisan Bill (Democrat 2-0)
Status: Introduced on June 15 2011 - 25% progression, died in committee
Action: 2011-06-15 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
Pending: Senate Commerce, Science, And Transportation Committee
Text: Latest bill text (Introduced) [PDF]
Status: Introduced on June 15 2011 - 25% progression, died in committee
Action: 2011-06-15 - Read twice and referred to the Committee on Commerce, Science, and Transportation.
Pending: Senate Commerce, Science, And Transportation Committee
Text: Latest bill text (Introduced) [PDF]
Summary
Data Security and Breach Notification Act of 2011 - Requires the Federal Trade Commission (FTC) to promulgate regulations requiring each covered entity (proprietorships, partnerships, estates, trusts, cooperatives, and nonprofit and for-profit corporations) that owns or possesses data containing personal information to implement policies and procedures regarding information security practices for the treatment and protection of such information. Sets forth additional requirements for information brokers, including requiring brokers to: (1) submit their security policies to the FTC with a notification of a security breach or upon FTC request; (2) establish procedures to assure the accuracy of the information they collect, assemble, or maintain that is personal information or that identifies an individual; (3) provide individuals access to their personal information for review; and (4) correct inaccurate information. Authorizes the FTC to conduct information security practices audits of brokers who have had a security breach or require such brokers to conduct independent audits. Directs the FTC to require information brokers to establish measures that facilitate the auditing or retracing of access to, or transmissions of, any data containing personal information. Makes it unlawful for information brokers to obtain or disclose personal information by false pretenses (pretexting). Establishes procedures in the event of an information security breach. Requires a covered entity that discovers a breach to notify the FTC and affected individuals. Sets forth requirements concerning such notification, including the method of notification requirements and timeliness requirements. Allows an exemption from notification requirements if such entity determines that there is no reasonable risk of identity theft, fraud, or other unlawful conduct. Establishes a presumption that there is no such risk for encrypted data. Applies this Act to nonprofit organizations. Sets forth enforcement provisions.
Title
Data Security and Breach Notification Act of 2011
Sponsors
| Sen. Mark Pryor [D-AR] | Sen. John Rockefeller [D-WV] |
History
| Date | Chamber | Action |
|---|---|---|
| 2011-06-15 | Senate | Read twice and referred to the Committee on Commerce, Science, and Transportation. |
Same As/Similar To
HB1707 (Related) 2011-05-06 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
HB2577 (Related) 2011-07-29 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
HB2577 (Related) 2011-07-29 - Referred to the Subcommittee on Commerce, Manufacturing, and Trade.
Subjects
Administrative law and regulatory procedures
Business records
Commerce
Computer security and identity theft
Computers and information technology
Consumer affairs
Consumer credit
Federal preemption
Federal Trade Commission (FTC)
Fraud offenses and financial crimes
Internet and video services
Marketing and advertising
Right of privacy
Business records
Commerce
Computer security and identity theft
Computers and information technology
Consumer affairs
Consumer credit
Federal preemption
Federal Trade Commission (FTC)
Fraud offenses and financial crimes
Internet and video services
Marketing and advertising
Right of privacy
US Congress State Sources
| Type | Source |
|---|---|
| Summary | https://www.congress.gov/bill/112th-congress/senate-bill/1207/all-info |
| Text | https://www.congress.gov/112/bills/s1207/BILLS-112s1207is.pdf |
