On May 12, 2011, the Obama Administration provided Congress with proposed legislation designed to improve the country’s cybersecurity. Notably, the Administration’s proposal would include a national standard for security breach notification relating to incidents involving computerized data and would preempt state breach laws (at least to the extent that they apply to incidents involving computerized data). Although the notice requirements would include a risk-of-harm exception, this exception would be contingent on providing a detailed risk assessment to the FTC. The breach requirements would be enforceable by the FTC and state AGs.