Privacy Police

Take Special Care With Your Customer Data. If This New Online Security Bill Passes, You Could Be Sued

The Senate is just not feeling terribly benevolent towards tech startups this week, it seems. First the America Invents Acts weigh in favor of those who can afford fleets of patent lawyers, and now a new bill to protect consumer data online is taking a punitive approach towards companies that experience a security breach, perhaps deservedly so. As Nick Bilton reports on The New York TimesBits blog:

“The bill presented by Senator Blumenthal would introduce regulations for companies that store online data for more than 10,000 people. These rules would require companies to follow specific storage guidelines and ensure that personal information is stored and protected correctly. Companies that do not adhere to these security guidelines could be subject to stiff fines.”

More alarmingly for companies like Sony, which put data from 77 million customers at risk earlier this year during the Playstation Online debacle, if the Personal Data Protection and Breach Accountability Act passes, customers would be able to sue in the event of a preventable security breach.

Betabeat doesn’t feel quite as strongly as VentureBeat’s Tom Cheredar, who writes:

“Personally, I don’t know that a bill like this is necessary. Companies are already suffer plenty — both in money and credibility — when data breaches occur. It’s a nice sentiment to think was can make this a law, but ultimately if a company doesn’t care about its consumers’ personal privacy, then that company likely won’t stay in business long.”

After all, with all the beta launches we’ve signed up for recently, it seems there’s plenty of time before going out of business for your personal data to be splashed online. And financial punishment, like shame, seems like as good an deterrent as any. But like the recently-passed patent reform, the undisputed winners to emerge from this spate of legislation are, of course, lawyers.

Follow Nitasha Tiku on Twitter or via RSS. ntiku@observer.com