U.S. Senate Bill SB 1338 could shortly force companies working in the state of Arizona to inform consumers if their private data is compromised. However, according to the law, the final decision – to inform, or not to inform — will be taken by the company involved. Experts at InfoWatch believe the U.S. is crying out for a federal law on data leaks and if legislators in Washington continue to drag their heels, every state will end up adopting their own local laws.
Current legislation in Arizona does not provide any safeguards for consumers that fall victim to private data leaks. For example, if an insider sells the credit card number of an Arizona resident and the bank finds out about it, then it will most probably hide the fact both from its client and from the general public. In order to change this state of affairs, local legislators took the decision to adopt special legal measures, the Arizona Daily Star reports.
The issue has focused on Senate Bill SB 1338 which would force any companies working in Arizona to inform consumers if their private data is compromised. Companies that fail to act in accordance with the law will face serious fines. The bill also applies to state organizations, though exceptions are made for banks, medical institutions and law enforcement and judicial agencies that are subject to their own laws.
Despite the good intentions of bill SB 1338, the non-profit group Consumers Union has criticized the initiative, claiming the given law is, at the very least, ineffective. The main problem, according to the group, is that the companies themselves decide whether a leak is serious enough to merit informing those consumers who have been affected. As a result, companies will simply avoid making public any incidents that would be detrimental to their business.
The Consumers Union has called for a much tougher law, such as that currently in effect in California. The main feature of that law is that it requires all organizations to inform anyone affected by a private data leak, even if the risks are deemed to be insignificant.
Nevertheless, local legislators are continuing to insist on bill SB 1338 which leaves a range of loopholes for Arizona businesses. It is looking increasingly likely that Arizona will adopt what appears to be a toothless law on data leakage.
“America badly needs a federal law on private data leaks, and preferably one that is as severe as the current law in force in California. The large number of local laws serves only to complicate the business process because they each have their own specific demands and peculiarities. I suggest that the federal legislators get a move on, because, otherwise, every state will end up adopting its own laws," warns Denis Zenkin, marketing director at InfoWatch.
Source: azstarnet.com