• On September 22, 2010, Maneesha Mithal, Associate Director for Privacy and Identity Protection at the FTC, testified before the Senate Subcommittee on Consumer Protection, Product Safety, and Insurance in support of S. 3742, the Data Security Breach and Notification Act. Introduced on August 5, 2010 by Sen. Mark Pryor, D-Ark., and Commerce Committee Chair Sen. John “Jay” Rockefeller IV, D-W.Va., the bill would require most companies that store personal information to (1) develop written policies and procedures regarding information security practices, and (2) notify consumers when a security breach occurs. In addition to supporting the current draft of the bill, Ms. Mithal outlined several additional items the FTC would like to see included, such as extending the bill to cover telephone companies and expanding the data breach notification requirements to cover all data, not just data stored in an electronic form. Also testifying was Symantec CTO Mark Bergman, who urged the bill’s quick passage.

A copy of S. 3742 can be found here. The FTC’s press release on the hearing can be found here. The text of the FTC’s written testimony can be found here.