On the heels of a string of hacks and other online intrusions that exposed the credit card numbers and other personal data of millions of American consumers, President Barack Obama is proposing new legislation to bolster cybersecurity and combat identity theft.
Among other proposed measures, the Personal Data Notification and Protection Act would require companies to notify customers within 30 days of a network breach that exposed confidential information.
“In the recent breaches, more than 100 million Americans have had their personal data compromised,” Obama said during a speech Jan. 12, 2015, at the Federal Trade Commission in Washington, D.C.
“So this is a direct threat to the economic security of American families and we’ve got to stop it,” said the president, who will further discuss his cybersecurity initiatives during his State of the Union address Jan. 20.
If approved by Congress, the Personal Data Notification and Protection Act would establish a “single, strong national standard” for notification requirements that would replace “a patchwork of laws” at the state level.
“In addition, we’re proposing to close loopholes in the law so we can go after more criminals who steal and sell the identities of Americans, even when they do it overseas,” Obama said.
The president also said he would introduce a Consumer Privacy Bill of Rights that would regulate how companies use and store customers’ personal data.
Recent “polls show that 9 in 10 Americans feel they have in some way lost control of their personal information — and that can lead to less interaction with technology, less innovation, and a less productive economy,” according to The White House.
The president’s announcement comes just weeks after the Federal Bureau of Investigation unveiled a campaign to hire Cyber Special Agents to join the widening fight against online criminals.
Major retailers from Home Depot to Target and Neiman Marcus to Michaels have been targeted by cyber thieves in the past year, as have grocery chains and healthcare operators, among other companies. In December 2014, the hacking of Sony Pictures Entertainment exposed corporate documents and confidential data relating to the movie studio’s employees.
The suspects in these online intrusions have ranged from Eastern European cyber thieves to a Russian crime ring and hackers tied to the government of North Korea.
Worldwide, the costs associated with cyber crime are estimated to exceed $445 billion a year, with the United States accounting for nearly one-fourth of that total, the Center for Strategic and International Studies reported in June 2014.
The FBI and other government agencies are competing with private businesses to hire in-demand cybersecurity professionals. From 2012 to 2022, jobs for information security analysts are projected to jump by 37%, the U.S. Department of Labor reports. Meanwhile, a 2014 report by Cisco found that almost 1 million additional cybersecurity professionals are needed globally.
“If we’re going to be connected, then we need to be protected,” President Obama said during his speech at the FTC. “As Americans, we shouldn’t have to forfeit our basic privacy when we go online to do our business.”