GovernmentExecutive.com

A Senate Democrat on Thursday made a plea to his chamber's leadership to schedule floor debate on a data protection bill that could help veterans better protect their stolen personal information.

Sen. Mark Pryor of Arkansas said Thursday he hopes "Senators [Bill] Frist and [Harry] Reid will take some time on the floor," in the near future to allow consideration of S. 1408, a data protection bill he co-sponsored with a bipartisan group of seven lawmakers. Pryor made the comment during a joint hearing hosted by the Veterans Affairs and Homeland Security committees on the recent data breach at the Veterans' Affairs Department.

A laptop containing personal information on more than 26 million veterans recently was stolen from the home of a department analyst.

The legislation would allow consumers to restrict access to their credit reports. The provision is designed to frustrate potential thieves from conducting transactions under other people's names. It also would require commercial entities and non-profit institutions to implement security measures, among other things. Four Republicans support the legislation.

A Senate aide who has worked on the bill said Thursday that "there has been increased activity and discussion in recent days towards getting a data breach bill passed due to the Veterans' Affairs Department breach." But he noted that momentum has been stalled for the past year due to a lack of action from the Senate Banking Committee. The committee needs to enact language on relevant areas that fall under its jurisdiction so that committee staffers can finalize and merge the various legislative proposals in their chamber.

"It's a priority for Chairman Richard Shelby to pass a bill that would cover the financial institutions covered by the FCRA and GLB," said Senate Banking spokesman Andrew Gray, referring to the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act, which address financial privacy issues.

Sen. Robert Bennett, R-Utah, is working on the banking committee's legislative proposal. A call to his office was not returned Friday afternoon. Nor was an e-mail to an aide to Frist inquiring about scheduling time for a floor debate.

"I definitely think that the latest data breach is having a big impact on the Hill," said Susanna Montezemolo, a policy analyst at Consumers Union. "Just this week alone, there were three data security mark-ups in the House."

The House Energy and Commerce, Financial Services and Judiciary committees all approved separate proposals for data protection legislation this week. The consumer groups generally support the Energy and Commerce bill, while business interests support the Financial Services legislation.

Only the Financial Services legislation includes a provision that would allows consumers to restrict third-party access to their credit reports. But that bill would only permit them to do so after being victims of fraud.

COMMENTS

• Notice the name of this act, "Veterans Identity Protection Act of 2006." This act doesn't protect anyone's identity, it simply monitors your credit for one year. After that you're on your own!!! Is the government going to go out and retrieve your lost data so that nobody uses it illegally? No!!! We also get a free credit report. Whooopeee!!! An annual free credit report is required by law anyway!!! Where's the identity protection????? Un-Civil Servant GovExec.com reader Posted June 7, 2006 10:58 AM
• What's interesting is that the Army used to have you write your full name and SSN on your duffel bags (so they could tell whose was whose - two Smiths, etc.) It wouldn't have been too hard to ask a soldier where he was from, in a friendly “social engineering” way, and then dial 411 (today just use the Internet) and get his address and phone number. A call to his house and more social engineering, oh, say, "Hey, could you tell me what my old Army buddy's birthday is? I want to send him a card!" and then you would have: Name, SSN, Address, Phone Number and DOB -- same as from that missing laptop. We were all so lax back then about SSNs (and it wasn't that long ago) and now everyone is suddenly super vigilant (or say they are). Memo to vets -- it was a super stupid security breach but not (yet) identity theft. If it gets you thinking about protecting your “perimeter” then something good may come out of all this. GovExec.com reader Posted June 2, 2006 3:56 PM
• I don't recommend the military to any of the eligible young women and men I come in contact with. This confirms my decision. Let the war mongers volunteer, they don't need anything back and they have no fear. GovExec.com reader Posted May 31, 2006 2:50 PM