Cicilline Introduces Bill to Protect Privacy of Consumer Data

WASHINGTON – U.S. Congressman David N. Cicilline today announced the introduction of the Consumer Privacy Protection Act of 2015 to help ensure that sensitive personal information individuals share with corporations is kept secure from hackers and other malicious actors.

“Today, consumers are providing more personal information than ever before to major companies. Consumers expect that this information will be kept secure, and Congress has a responsibility to ensure that the corporations holding this data take measures to protect it,” said Cicilline. “That’s why I am introducing the Consumer Privacy Protection Act today to modernize standards for protecting consumer data and provide some much-needed peace of mind for American consumers.”

Breaches of personal consumer information have become commonplace in recent years, even as consumers regularly hand over more and more data to major corporations. Earlier this year, Anthem Inc., the second-largest American health insurer, announced that information for up to 78.8 million people may have been exposed, including names, dates of birth, Social Security numbers, and street addresses. Likewise, in 2013, Target admitted that data on 70 million customers, including 40 million credit and debit card accounts, had been compromised. Other major corporations that have recently reported the breach of customer information include Home Depot, Staples, Sony, Kmart, UPS, P.F. Chang’s, Michaels, Neiman Marcus, and T.J. Maxx.

The Consumer Privacy Protection Act would require companies that store personal information on more than 10,000 customers take steps to keep that information safe from cyberattacks and data breaches. It would also require those companies to notify consumers and federal law enforcement following a major data breach. The personal information protected in the bill includes Social Security numbers, usernames and passwords, biometric data, geolocation, information on a person’s health and well-being, and private photos.  Eleven of Cicilline’s House colleagues have co-sponsored the Consumer Privacy Protection Act.

Consumer protection advocates and watchdog organizations praised Cicilline’s introduction of the Consumer Privacy Protection Act. “Rep. Cicilline should be commended for introducing this common-sense alternative to other data breach and data security bills as a companion to the Senate bill. This bill creates a strong federal standard of privacy protections without preempting those state laws that have an even higher standard of protection,” said Chris Lewis, Vice President of Government Affairs at Public Knowledge. “The bill also preserves the system of data security at the Federal Communications Commission that has been an integral part of privacy protections on essential communications networks. The FCC and FTC have worked in concert on a variety of consumer protections over the years and this bill will preserve that successful balance of authority.”

“Consumer Action believes that consumers whose accounts or personal information are subject to a data breach deserve to know about the breach as soon as possible,” said Consumer Action National Priorities Director Linda Sherry. “The Consumer Privacy Protection Act of 2015 would ensure consumers are notified, provide civil penalties for companies that fail to notify customers as required as well as create a strong federal breach notice without impacting stronger state laws.”

“This is a strong bill that provides important protections for consumers’ data,” said John M. Simpson, Consumer Watchdog’s Privacy Project director. “Importantly it sets a strong federal baseline and pre-empts only weaker state laws.  It leaves stronger state laws in place.”

“Recent news about serious data breaches is increasing public anxiety about data security. There are many data breach bills in Congress, but most of them would actually weaken the rights that consumers already have under their state laws. A federal law will only be helpful to consumers if it provides them with greater privacy and security protection than they have today,” said Susan Grant, Director of Consumer Protection and Privacy for the Consumer Federation of America. “Consumer Federation of America supports this legislation because it effectively addresses the problem of data insecurity and provides the comprehensive protection that consumers need and want. We urge the members of the House of Representatives to pass this bill as quickly as possible.”