New Bill Proposes Tougher Punishments for Identity Theft
The Personal Data Privacy and Security Act would require enterprises with more than 10,000 customers to implement a security and auditing plan and to notify their patrons when there is a suspected breach.
In late June, Sens. Arlen Specter (R-Pa.) and Patrick Leahy (D-Vt.) introduced a new bill--S.1332, Personal Data Privacy and Security Act of 2005. This sweeping legislation raises the punishments for identity theft and stipulates security measures for protecting Personally Identifiable Information (PII) and Social Security numbers.
Among other things, the new bill requires enterprises with PII on more than 10,000 customers to implement a security and auditing plan and to notify customers nationwide when there is a suspected security breach.
You didn't need a crystal ball to see a bill like this coming, and it's high time, too. The number of lost or stolen personal records this year alone exceeds 49 million, which means millions of people may be victims of identity theft.
The proposed legislation could be stronger. For example, we'd like to see it applied not just to large corporations but to companies with as few as 1,000 PII records. And at this point, there's no guarantee this particular bill will pass. But rest assured that Congress will enact legislation on this topic--sooner or later.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.