Republicans and Democrats have reached a compromise on legislation mandating data brokers disclose to consumers certain unencrypted breaches of their personal information.

The accord comes almost five months after a subcommittee of the panel approved the Data Accountability and Trust Act (DATA Act) over the strenuous objections of Democrats who argued the legislation lacked any real teeth.

In the original version of the bill, the public disclosure trigger was based on a company's evaluation that a "significant risk" of identity theft existed with the breach. Democrats contended under that standard that breach disclosures would be few and far between.

In the compromise version, that threshold is lowered to a "reasonable" risk of identity theft.

"Identity theft ruins lives, and this bill ... strikes a blow for consumers," Rep. John D. Dingell (D-Mich.) said in a statement. "It focuses on strong security systems, notice to consumers of breaches and tough enforcement."

In November, Dingell, the ranking Democrat on the committee, was highly critical of the original bill, asking, "Why bother to pass a bill at all, if this is what we propose to do to the American public?"

The amended legislation narrows the definition of data brokers to only those companies that sell non-customer data to non-affiliated third parties. Companies in compliance with the Fair Credit Reporting Act, Gramm-Leach Bliley Act or the Health Insurance Portability and Accountability Act (HIPPA) would be deemed in compliance with the DATA Act.

This article was first published on InternetNews.com. To read the full article, click here.