Venable partner Stu Ingis was quoted in a January 16, 2015 Security Info Watch article on President Barack Obama's proposed data breach notification law. Under the proposed Personal Data Notification and Protection Act companies would have 30 days to inform customers of a data breach that compromises their personal information. The proposed law would create a single national standard for companies to follow instead of navigating individual state data breach laws.
"The president and his team should be commended in continuing to show leadership on important issues of privacy and data security. There has been consensus and a call from many in the business community several years running for data breach legislation. This may finally be the year if the bill can avoid being bogged down with data use limitations and questions surrounding what entity is responsible for payment of breaches. The payment issue is best left to the marketplace or in a separate proposal, as ultimately it is not a consumer protection issue, but rather a commercial issue," said Ingis.
"With respect to the Privacy Bill of Rights, businesses will await the details to pass judgment on the particulars of any proposal. If it looks similar to the provisions pushed by the administration in then Senator Kerry's comprehensive privacy bill from a previous Congress, it is unlikely to garner much support on the Hill. Then Senator Kerry's Bill did not garner much support from either party. That Bill was criticized for its European-like omnibus approach and breadth of discretion it would have given the FTC to endorse codes or rules," Ingis added. "Legislators are very reluctant to impose regulation on the innovative use of information in the internet era that is driving the economic turnaround. I expect the Republican-led Congress would be more likely to limit rules or enforcement action that would impede America's leadership in the information age."