How to Choose the Right Cybersecurity Solution REGISTER >
That's the sentiment of U.S. Sen. Bill Nelson (D-Fla.). He and Charles Schumer (D-N.Y.) want data brokers, such as ChoicePoint and LexisNexis, to be regulated in the same manner as credit bureaus.
''We must mandate that companies must reasonably protect this information collected on virtually every American,'' Nelson said. ''As a result of what we've seen so far, if we don't do something, none of us are going to have any identity left.''
Their goal in co-sponsoring new legislation is to require notification to consumers when their data is compromised and crack down on the sale of Social Security numbers.
''This is a very serious thing with several bills already introduced in Congress. It's going to be a very difficult thing to handle,'' Chairman Ted Stevens (R-Alas.) predicted.
As they have in three previous appearances before Congressional panels this year, executives from ChoicePoint and LexisNexis headlined Tuesday's hearing. And, as before, they again apologized for their companies' well-publicized data breaches while touting their strengthened security measures.
''Even if they [ChoicePoint and LexisNexis] improve their business practices, there are still hundreds of smaller data brokers who have no incentive to change their ways since there is no law governing their behavior,'' Stevens said.
Tuned into the current Capitol Hill clamor for federal action, both companies said they support a data breach disclosure law as long as it pre-empts any existing state laws. If forced to accept regulations, the companies prefer to deal with one federal standard as opposed to a patchwork of state laws.