Barack Obama, US president, in Monday called on the federal government to introduce a law that would force US companies to give early notice to their customers when data were hacked, Beijing time January 13. Previously, Sony, Target and Home Depot had been hacked into, leading to the theft of credit card data and other consumer information.
Obama called for legislation called the "Personal Data Notification and Protection Act" (the Personal data Notification and Homeowner Act), which is to establish a single national standard, U.S. companies must be notified to customers within 30 days of discovering that their data has been stolen by hackers. At a meeting held in Monday by the Federal Trade Commission (FTC), he said the provisions of the current patchwork of state laws could not protect American consumers and would be a burden for companies operating across the country.
At the same time, Obama has proposed the Student Data Privacy Act (Student Data Privacy Act), which will prohibit technology companies from using the data collected in schools to benefit from the use of products and services such as tablets, online services and networked software that are being acquired by technology companies. In addition, he will announce that U.S. companies will need to sign a voluntary agreement that promises to protect home energy data and make it easy for consumers to check their credit scores as an "early warning system" for identity theft.
According to White House documents: "As network security threats and identity theft continue to increase, recent surveys have shown that nine-tenths of Americans feel they have lost control of their personal information in some way, and that the result could be a reduction in their interaction with technology, reduced innovation and reduced economic productivity. ”
Federal legislation or being "watered down"
Obama will deliver his State of the Union address next week, and over the past week he has focused on privacy and cyber security. White House officials say both parties are expected to support the bill and say they are not expected to be fiercely opposed by industry or advocacy groups.
But at the same time, Obama faces the first Republican-controlled U.S. Congress in his presidency. It is not clear how quickly his opponents in the White House and in the Senate will act against the legislation, or whether any debate in other areas could lead to the postponement of discussions on the legislation.
Consumers and privacy groups have not yet had the opportunity to see details of the Obama proposal, and some are still concerned that any federal standards may not be as strong as the laws of the U.S. state in recent years. California State, for example, has recently passed a state-government legislation to protect student data.
"What we want is a federal benchmark, and then state governments are free to set stronger standards," said Marc Rotenberg, president of the Privacy organization's Electronic Privacy Information Centre (Electronic Privacy Information Center). ”
Chris Calabrese, senior policy director of Center for Democracy and Marvell, said the group was not opposed to the idea of a federal legislation, but depending on the content of the legislation. "There are a lot of people in the advocacy community who worry that federal legislation could be watered down," he said. ”
30 Day Timer
Since the Sony industry has been invaded by hackers, the urgent need to solve the problem of enterprise data embezzlement has been increasing.
Under Mr Obama's proposed bill, a US company that finds its data hacked by hackers triggers what is called a "30-day Timer", in which the company must give notice to its customers. The Act sets out the time when data theft must be disclosed and provides that it is a criminal offence to sell an individual's Internet information overseas. The Federal Trade Commission will have the right to impose fines on companies that do not comply with the bill.
Jon Leibowitz, a partner at Dawei law Firm (Davis Polk) who served as chairman of the Federal Trade Commission in the Obama administration, said: "The laws of 48 states often clash with each other, an ideological struggle." ”
At present, schools across the United States are using data-education products, such as math textbooks and online homework portals, which collect information from students each time they tap the keyboard, with the benefit of customizing the teaching requirements and learning preferences for each student. However, these data mining products have begun to worry some parents, who believe that educational technology companies may collect and share sensitive data, such as a student's disciplinary record or a family's financial position.
To allay this worry, the California State government has implemented a comprehensive education privacy law last summer, largely banning technology companies from collecting student information for advertising and publicity. Student advocacy groups have expressed appreciation for Mr Obama's plan to introduce a similar legislation.
(Responsible editor: Mengyishan)