Any hope of a U.S. House data-breach disclosure law this year has fizzled away in the face of opposition from Democrats who contend the legislation lacks enforcement teeth.
The Data Accountability and Trust Act narrowly passed a subcommittee vote in November, but was pulled from a full committee vote Thursday by Energy and Commerce Committee Chairman Joe Barton (R-Texas).
Barton said he reached the decision to delay the vote with committee ranking member John Dingell (D-Mich.) in order to give Republican and Democratic negotiators more time to work out differences over the bill.
“Mr. Dingell and I agreed to put off consideration in order to finalize agreements that have been reached in negotiations with the majority and minority,” Barton said. “It is the intention of the chair [Barton] to consider the data-protection privacy bill as soon as possible … but it likely won’t happen until sometime in 2006.”
Dingell said a some of the differences over the bill have been worked out since the subcommittee vote, but enforcement issues are still unresolved.
“We are all in agreement that we need tough enforcement that will deter violations of the act,” he said. “This bill is designed to provide important rights to consumers when their confidential information is compromised. But rights are meaningless without enforcement.”
As approved in November, the bill requires data brokers to disclose to consumers any unencrypted breaches of their personal data. The bill would also preempt all state data-breach laws.