The Cyber-Security Enhancement and Consumer Data Protection Act of 2006 is a short bill. It applies to security breaches in which the personal information of 10,000 or more people is acquired; or any breach involving databases owned by the Federal Government; or one involving primarily data in electronic form containing personal information of employees or contractors of the Federal Government involved in National security matters or law enforcement.
California already has a law that requires businesses to disclose data breaches that could expose individuals to identity theft.
A consumer information service, Consumers Union, says the federal bill should require the same level of disclosure as the California state legislation.
