Senator Richard Blumenthal, Democrat of Connecticut, introduced a new bill Thursday that aims to protect citizens’ personal information from online data breaches. The bill would also punish companies that are careless with customers’ information.
“The goal of the proposed law is essentially to hold accountable the companies and entities that store personalÂ informationÂ and personal data and to deter data breaches,” Senator Blumenthal said in a phone interview.Â ”While looking at past data breaches, I’ve beenÂ struckÂ with how many are preventable.”
The new bill, called the Personal Data Protection and Breach Accountability Act of 2011, comes at a time when online privacy and security are hot topics in Congress. The White House has also been involved in discussions aroundÂ new online privacy rules and legislation.
The bill presented by Senator BlumenthalÂ would introduce regulations for companies that store online data for more than 10,000Â people. These rules would require companies to follow specific storage guidelinesÂ and ensure that personal information is stored and protected correctly. Companies that do not adhere to these securityÂ guidelinesÂ could be subject to stiff fines.
Senator Blumenthal was a vociferous critic of Sony’s handling of an attack on its servers earlier this year, which put data from 77 million customers at risk. At the time, the senator pressed Sony to disclose the extent of the damage and to notify customers who had been affected.
If the new bill passes, Senator Blumenthal said, customers would be able to sue companies, like Sony, that do not take adequate precautions.
“The Sony data breach has became a poster child of why we need this law,” he said. “We were working on this legislation well before that data breachÂ occurred, but Sony is a good example of why this law should exist.”