 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
Prepared Statement of The Honorable Joe Barton Securing Consumers' Data: Options Following Security Breaches
Subcommittee on Commerce, Trade, and Consumer Protection Thank you Mr. Chairman for holding this hearing today. I have spent considerable time focusing on information security issues such as the spyware legislation that this Committee passed unanimously. I'm confident that that bill will be received favorably by the full House as well. Our Committee's work on these issues will continue in earnest, particularly in light of the alarming and ever-growing list of data security breaches recently. Nothing seems safe. In recent months, we have learned about the loss of personally identifiable information-even including Social Security numbers-from ChoicePoint, LexisNexis, Blockbuster, as well as a company called RuffaloCODY that manages information systems for a number of colleges and universities. Most recently, data tapes belonging to Time Warner were stolen from a storage company called Iron Mountain-a company, I might add, that also stores some sensitive information for the Congress. I suspect that there are more thefts of this nature about which we have not yet learned. This is simply unacceptable. In the Internet age, personal information can be accessed in any number of ways and from any number of outlets. To not guard it closely is to open the door to thieves. Sensitive personal information must be secure, and companies that legally gather and distribute this information need to be held accountable if they do not take reasonable steps to ensure that security. The recent breaches have focused our attention on "data brokers" who compile public and non-public information in ways that seem downright Orwellian. They can share it, rent it, and sell it. Constraints on these companies and their practices are few and thin. Some of these companies provide an important service for individuals trying to protect their families or investments, as well as for the government trying to protect us all. It is essential that only those who have an appropriate, legitimate reason for having access to such information are allowed to view it. Those who provide this access must be responsible for verifying both the legitimacy of the business or person inquiring, as well as the appropriateness of their reason for doing so. Of course, other entities such as credit card companies, department stores-even the video store, as I mentioned-have sensitive information as well. They must be similarly responsible with the data, and take vigorous steps to protect it. Congress has not laid out a comprehensive framework for data security and data brokers, and it is clear that we need to act. This Committee must take the lead in developing appropriate safeguards for consumer information, and we will proceed to that end on a bipartisan basis. I am glad that Chairman Stearns has put together a diverse panel to discuss this topic, and to explore options for how we as policymakers can help address the concerns of the American public. With that, I would like to welcome the witnesses and thank them for their participation. I am very interested to hear what these companies and their industries are doing to help prevent identity theft, and the misuse of personal information in general. Thank you, and I yield back the balance of my time.
|
|||||||||||
|
