Skip Navigation

Close and don't show again.

Your browser is out of date.

You may not get the full experience here on National Journal.

Please upgrade your browser to any of the following supported browsers:

Senators Launch Probe of Massive Data Breaches Senators Launch Probe of Massive Data Breaches

This ad will end in seconds
Close X

Not a member? Learn More »

Forget Your Password?

Don't have an account? Register »

Reveal Navigation



Senators Launch Probe of Massive Data Breaches

Lawmakers agree that further legislative protections are needed to prevent the kind of breaches that brought Target and Neiman Marcus to their knees.

photo of Dustin Volz
February 4, 2014

Warren: Data Security Problems Aren't Going to Go Away

Several senators repeated calls for legislation to ward off massive data thefts during a hearing Monday to review the vulnerability of the nation's digital-payment systems, the first in a trio of sessions this week examining the enormous breaches sustained recently at retailers around the country.

Sen. Elizabeth Warren declared that Congress needed to adopt tighter data-security protections and heighten the Federal Trade Commission's authority to police businesses failing to adequately protect consumer data.


"The FTC should have the enforcement authority it needs to protect consumers and it looks to me like it doesn't have that authority right now," Warren, a Massachusetts Democrat, said during a Senate Banking subcommittee hearing. "Data-security problems aren't going to go away on their own, so Congress seriously needs to consider whether to strengthen the FTC's hand."

The FTC has the authority to punish "unfair" business practices, a standard that continues to remain legally murky. While the FTC has used the standard to go after some companies that have failed to ensure adequate data-security standards, pending legal challenges levied by Wyndham Hotel and LabMD seek to challenge the authority.

"You're describing a fairly demanding standard, since as you say, it's more than breach, more than the fact that people have been injured, more than the fact that a company had very lax standards," Warren told Jessica Rich, director of the FTC's Bureau of Consumer Protection, during the hearing. "This is a real problem, that the FTC's enforcement authority in this area is so limited."

Rich largely agreed with Warren's admonitions, noting that "that's one of the reasons we're supporting general data-security legislation."

Subcommittee Chairman Mark Warner, a Virginia Democrat, repeatedly called for quick action to upgrade security features on plastic card payment methods as a stopgap measure to prevent further data breaches from occurring. He hammered home his conviction that debit and credit cards need to have the same standards of data protection. Currently, credit cards typically afford more protection.

"It would seem to me that equalizing cards on the same standard makes a lot of sense," Warner said. He then asked the second panel to "give me a reason why" the two plastic forms of payment shouldn't be aligned in their protective measures. All witnesses agreed.

But Warner also cautioned that upgraded technology—so-called chip and PIN protections—could only serve as an interim solution and would only be partially effective for online shopping.

Senators and witnesses alike agreed that more needed to be done to secure customer data to prevent more wide-scale breaches, both at retail stores and in online shopping.

"Our card-payment system is outdated and prone to attack," noted James Reuter, executive vice president of FirstBank. "The fraudsters rely on our systems being so porous."

Some steps, like ensuring people use more-complex passwords, are relatively easy matters of customer education.

But more-complicated challenges, such as varied state reporting requirements when a data breach occurs, serve to undercut consumer protections. Congress is considering legislation that would create one federal reporting standard. Separately, Ranking Member Mark Kirk, an Illinois Republican, said he planned to introduce legislation that would mandate a 25-year prison sentence for those found guilty of violating federal data-theft law.

The Senate subcommittee meeting is the first of three Congress is holding this week to examine consumer data vulnerabilities in the wake of colossal breaches at national retail chains. Executives from Target and Neiman Marcus will testify before the Senate Judiciary Committee on Tuesday, and will do so again Wednesday in front of a House Energy and Commerce subcommittee.

Target's breach was the first in an avalanche of data thefts to come to light in recent months, a heist that stole the names, addresses, phone numbers, and credit-card information of as many as 110 million customers.

LIKE THIS STORY? Sign up for Tech Edge

Sign up for our daily newsletter and stay on top of tech coverage.

Sign up form for Tech Edge
Job Board
Search Jobs
Digital and Content Manager, E4C
American Society of Civil Engineers | New York, NY
American Society of Civil Engineers | CA
Neighborhood Traffic Safety Services Intern
American Society of Civil Engineers | Bellevue, WA
United Technologies Research Fellow
American Society of Civil Engineers | New York, NY
Process Engineering Co-op
American Society of Civil Engineers | Conshohocken, PA
Electrical Engineer Co-op
American Society of Civil Engineers | Findlay, OH
Application Engineer/Developer INTERN - Complex Fluids
American Society of Civil Engineers | Brisbane, CA
Application Engineer - Internships CAE/CFD Metro Detroit
American Society of Civil Engineers | Livonia, MI
Chief Geoscientist
American Society of Civil Engineers
Application Engineer - Internships CAE/CFD Metro Boston
American Society of Civil Engineers | Burlington, MA
Professional Development Program Engineer
American Society of Civil Engineers | Farmington Hills, MI
Civil Enginering Intern - Water/Wastewater/Site-Development
American Society of Civil Engineers | Sacramento, CA
Staff Accountant
American Society of Civil Engineers | Englewood, CO
Biomedical Service Internship Position
American Society of Civil Engineers | Flint, MI
comments powered by Disqus