Sen. Pat Toomey, R-Pa., announced on Friday the latest in a string of bills designed to require companies to protect consumer data.
Toomey's Data Security and Breach Notification Act of 2012 would require companies to notify consumers if personal information is stolen.
"A number of recent high-profile data breaches combined with the messy patchwork of 46 different state laws highlight how difficult it is for consumers to know their personal information is secure," Toomey said in a statement. A federal law, he said, would provide certainty for businesses. "Our bill would eliminate the burden of complying with varying standards and laws, ensuring that all consumers and their personal information are afforded the same level of protection."
Representatives of AT&T and a wireless industry association praised Toomey's proposals.
Many companies like Sony, Citibank, and others have suffered massive data breaches. But several bills designed to protect consumer data have faltered since as long ago as 2003. A House Energy and Commerce subcommittee approved its own data-breach legislation last year despite concerns from Democrats who said the bill could undermine privacy laws.