Someone must have forgotten to check the settings on the hot tub time machine. After more than five years, Congress has again turned its attention to passing broadbased data security legislation. Although other issues, such as financial reform, have dominated the news, a number of lawmakers have expressed hope that Congress will pass a broad-based data security bill this year. For example, in December 2009, the House approved a data security bill (H.R. 2221), and various Senate committees are currently considering various data security bills, including, for example, S. 1490 and S. 3579. These bills would require that the FTC adopt rules requiring that businesses that handle personal information relating to consumer implement risk-based information security programs to protect such information. Moreover, the bills frequently include a nationwide standard for security breach notification, possibly preempting the various state laws. While there has been broad support in Congress for enacting data security legislation, jurisdictional issues and competing bills have complicated efforts toward final passage.