Sensenbrenner proposes bill to report data breach security

And whenever Sensenbrenner does anything, I'm worried.

A new bill sponsored by the infamous House Judiciary Committee Chairman James Sensenbrenner requires private companies to report significant data breaches to the federal government within two weeks. Under the terms of the new Cyber-Security Enhancement and Consumer Data Protection Act of 2006 (PDF) (H.R. 5318), failure to disclose information about the infiltration of electronic databases containing information on at least 10,000 people or information on federal employees can lead to harsh punishments, including jail time:

Whoever owns or possesses data in electronic form containing a means of identification (as defined in section 1028), having knowledge of a major security breach of the system containing such data maintained by such person, and knowingly fails to provide notice of such breach to the United States Secret Service or Federal Bureau of Investigation, with the intent to prevent, obstruct, or impede a lawful investigation of such breach, and if such breach causes a significant risk of identity theft, shall be fined under this title, imprisoned not more than 5 years, or both.

Last a year, the personal data of over a hundred thousand people was stolen from a company called ChoicePoint. The ChoicePoint debacle and similar situations have compelled the government to look for better ways to ensure that companies are doing everything in their power to protect consumer data and prevent identity theft. At this point, 28 individual states have enacted their own laws requiring the disclosure of data breaches and similar laws are pending in many other states.

Despite the apparent need for better regulation concerning disclosure of data breaches, this new proposal abysmally fails to acknowledge the rights and needs of data theft victims. Although the proposal requires companies to report data breaches to federal law enforcement agencies, it does not require those companies to report data breaches to the affected consumers. In addition, the proposal would imbue the government with the authority to prevent a company from voluntarily disclosing data breach details to consumers in cases where doing so could conflict with a criminal investigation or national security, even when the company is obligated to inform consumers under applicable state laws: if the United States Secret Service or Federal Bureau of Investigation determines that any notice required to be made to consumers under State or Federal law would impede or compromise a criminal investigation or national security, the United States Secret Service or Federal Bureau of Investigation shall direct in writing within 7 days that such notice shall be delayed for 30 days, or until the United States Secret Service or Federal Bureau of Investigation determines that such notice will not impede or compromise a criminal investigation or national security;

http://arstechnica.com/news.ars/post/20060512-6818.html

He's like an old dog that needs to be put out of its misery.

Lots of time to study, I guess.

of holding hearings as chairman of House Judiciary. This way he gets some news back home and he knows it will never become law.

http://yro.slashdot.org/article.pl?sid=06/05/13/0247258

quoting from link:
Look, who gives a flying fuck if the government knows? I certainly don't. In fact, I'd rather they didn't.

This government is getting way to nosy, IMHO. I don't care what the reason is, I'm sick and fucking tired of being saved from myself. Let me smoke my cigarette in my bar, and masturbate the Islamic terrorist porno, leave me ALONE.

Hey old white bastards, how about a law that requires me to be informed when my companies data has been hacked? Or better yet, why don't you worry about things like maintaining roads. Why is it that the NSA knows what sort of hemorrhoid creme I prefer, and when my girlfriend's periods are, but I can't drive down I-20 for more than 3 hours without needing a new wheel alignment for my car?

How about a fucking law that says I get to be informed every single time my personal information is accessed by the government? Every time I turn on the news I seem to be reading about how the Department of Homeland Security is making sure I'm following the latest terror alerts and that I'm not cooperating with al-Qaida via Xbox Live. I mean, Jesus, what the hell.

Even better, the slashdot summary makes it sound like they can circumvent state legislation. Um, my constitutional skills may be a little rusty, but I'm pretty sure that's what the 10th Amendment was all about.

While we're on the subject, what about the 9th Amendment? I'm pretty sure that that one said that we have rights that may not be explicitly mentioned in the Bill of Rights, and thus, we reserve those rights. It seems like America is serving up it's rights like a Shoney's smorgasbord. It's like 8.99 all-you-can-give-away at the Patriot Act Red Lobster. Jesus.

Douglas Adams once said (forgive my horrible paraphrasing, as I don't have my copy of Salmon of Doubt with me) that Australians often say "We're the last place left mate," and it made him nervous because of the confidence with which he said it. Makes me wanna see if they're right, cuz quite frankly I'm sick of this place. It's not just the politicians, it's the people. How can my vote count if I realize for every vote I cast with some knowledge of the issues, there's fifty people are are being exploited by like-minded zealots whose sole purpose is to acquire power, and seek to retain that power.

Madison, in Federalist 9 & 10, argued that mutual self-intrest will keep the 'factions' in line, draw them towards a central, middle ground, and thus make decisions that are best for everyone. The problem seems to be that no all 'factions' are allowed into the game. At this point, I've got to request that I be allowed to collect my chips and move to another table, cuz I think I'm getting screwed, and all I see is more Dick coming.