President Barack Obama is today to propose legislation that would ensure companies inform customers of any leaks within 30 days of a data breach, reports Physorg.
The legislation, if voted for by Congress, will be accompanied by an additional measure designed to stop companies selling student data to third parties, and to prevent any school data being used in targeted advertising.
The Personal Data Notification and Protection Act - as it shall be called - comes off the back of a number of high profile data breaches from the last year, including Target, Home Depot and JP Morgan Chase, and hopes to cement how companies respond to hackings in future, because, as The Guardian notes "recent hackings have exposed the lack of uniform practices for alerting customers in the event of a breach."
The New York Times broke the story on Sunday, quoting White House sources, but believes the president will officially announce the legislation in a speech at the Federal Trade Commission, where he will state that "the current patchwork of state laws does not protect Americans and is a burden for companies that do business across the country."
The Student Data Privacy Act, on the other hand, will work to prohibit technology firms from profiting on data capture in schools, as classrooms increasingly adopt tablets, cloud software and online services. Finally, Obama will "announce voluntary agreements by companies to safeguard home energy data and to provide easy access to credit scores as an 'early warning system' for identity fraud."
Explaining the proposed changes, a White House briefing document stated that: "As cybersecurity threats and identity theft continue to rise, recent polls show that nine in 10 Americans feel they have in some way lost control of their personal information — and that can lead to less interaction with technology, less innovation and a less productive economy."
White House officials stated they did not expect much opposition from Congress, or from industry organizations.