President Barack Obama’s proposed cyber security legislation, which he promoted the week of January 12 and briefly addressed in his State of the Union address, includes one of four bills similar in essence to the Cyber Intelligence Sharing and Protection Act (CISPA). His proposal is actually similar to an effort he vetoed last year and said he would veto again, said Jim Wise, NACM’s Washington lobbyist and managing partner of Pace, LLP.
Obama’s proposal, however, addresses additional privacy concerns, Wise said. “Companies would have to redact personally identifiable information, for instance, and comply with certain privacy restrictions.”
The bill that could affect NACM members is the National Data Breach Reporting measure, called the Personal Data Notification and Protection Act, which the administration has updated since its initial proposal in 2011.
“Security breach reporting laws require businesses that have suffered a cyber attack to notify customers if personal information has been compromised,” Wise said. “While this generally would not impact our members, it does have the potential to do so in those instances where our members need to secure a personal guarantee in the extension of business credit.” The administration claims their proposal will help businesses, as there are currently 46 state laws on this type of reporting, with different requirements and reporting timelines, Wise said.
U.S. Senate Majority Leader Mitch McConnell (R-KY) has said cyber security is one area of possible agreement with the Obama White House: “Unlike many of the president's major policy initiatives rolled out in the last few years, this package of proposed legislation may actually go somewhere in Congress.”
- Diana Mota, NACM associate editor
For the extended version of this story and more analysis, check out this week's edition of eNews, available late Thursday afternoon at www.nacm.org and via email to members who have opted in.