Continuing a spate of recent legislative activity, the Senate Commerce Committee is bringing the hot topic of data breach back to the Hill.  This Wednesday, the Commerce Committee will hold a hearing entitled, “Protecting Personal Consumer Information from Cyber Attacks and Data Breaches.”  According to the Committee, recent data breaches at Target, Neiman Marcus, White Lodging, Snapchat, and the University of Maryland have illustrated the need to improve protections of consumer data.  The hearing will examine the risks that breaches create for consumers, the lack of a federal data-security law, and several data-security bills currently pending that would establish such a federal standard.  The following witnesses are scheduled to testify:

  • Edith Ramirez, Chairwoman of the Federal Trade Commission
  • John J. Mulligan, Vice President and Chief Financial Officer of Target
  • Dr. Wallace D. Loh, President of the University of Maryland
  • David Wagner, President of Entrust
  • Peter J. Beshar, Executive Vice President and General Counsel of Marsh & McLennan
  • Ellen Richey, Chief Enterprise Risk Officer at Visa

The hearing is part of Chairman Rockefeller’s continued efforts to strengthen data security, and specifically, to increase the protection of sensitive consumer data.  In January, Senator Rockefeller introduced with democratic colleagues the “Data Security and Breach Notification Act,” stating that his bill would give “consumers the peace of mind that companies are doing everything they can to protect and secure their personal information from criminals.”  Importantly, the bill would create a national standard for data protection and breach notice and would leave enforcement authority in the hands of the FTC and state attorneys general.  As we have previously reported, there are at least five such breach-notice bills currently pending in the Senate.  Senator Rockefeller’s data-breach agenda also parallels his more than year-long investigation into the data-broker industry, which he launched in order to examine how data brokers collect, store, and sell consumer information. 

For Target’s Vice President and CFO John Mulligan, this hearing will be the second time this year that he has testified in the Senate.  Just a month ago, Mr. Mulligan appeared before the Senate Judiciary Committee to discuss the data breach that Target suffered last year.  He also used the opportunity to advocate for the adoption of chip-and-PIN payment card technology in the United States, which is one of the last major economies lacking such data-security technology.