Government workers probably wish it happened earlier, but support is finally growing for federal regulation of personal information held by private companies. In February, Bank of America Corp. lost personal data, including Social Security numbers, for 1.2 million federal charge card holders.
What form any new regulations would take is unclear, and not everyone is convinced the government should get involved in the first place. But with each new revelation that citizens’ privacy has been compromised, pressure mounts to close the data spigots. Ironically, such regulations could affect government consumers of commercial data, such as the FBI.
“I believe there will be some very firm federal regulations coming out of this issue,” Sen. Arlen Specter (R-Pa.) said during a recent hearing of the Senate Judiciary Committee on electronic personal data.
The hearing was called in the wake of a spate of incidents in which sensitive information about hundreds of thousands of individuals had been lost or stolen. Three senators at the hearing said they recently introduced or will reintroduce legislation to secure and control the handling of personal data.
When pressed by senators, representatives of three companies, all of which suffered security breaches, said they would support some level of regulation.
“Adoption of additional legislation may be appropriate,” said Jennifer T. Barrett, chief privacy officer of Acxiom Corp. of Little Rock, Ark. Acxiom provides background screening, credit reports, Social Security number traces and other services. In 2003, a man was arrested and pleaded guilty to hacking an Acxiom server and downloading millions of records. Authorities said he never used the information fraudulently.
Data losses
The hearing came one day after LexisNexis Group of Dayton, Ohio, reported that information on as many as 310,000 individuals might have been stolen from its databases over the past two years.
“We sincerely regret these incidents,” said Kurt P. Sanford, CEO of the company’s corporate and federal markets.
Also apologizing at the hearing was Douglas C. Curling, chief operating officer of ChoicePoint Inc. of Alpharetta, Ga., which recently announced it had sold data on as many as 145,000 individuals to phony clients. Data about hundreds of thousands of other people has recently been lost or stolen from banks, a retailer and a California university.
Digg
De.licio.us
Slashdot
Technorati
