Post the Target leak
which happened in second week of December, Senator Patrick Leahy from Vermont, United States has proposed a stricter legislation against the hackers who hack websites/domains and leak personal data on the cyber world.
If you remember, in month of December 2013, hackers targeted ‘Target’ one of the largest US retailers and published the Names and Credit Card numbers and CVV numbers of its customers, online. What made it more deadly was the fact that it was prime shopping season for US citizens and Christmas and New Year were only weeks away. Senator Leahy who is also the Chairman, Committee on the Judiciary in United States has now proposed a new legislation which will not only protect the personal data from being leaked but also enhance the powers of law enforcement agencies. However it may also be noted that for the legislation to become a law, it has to be passed by the Senate as well as approved by President Obama. Senator Leahy has in fact proposed a similar legislation four times earlier in his tenure of 9 years and this is the fifth time he has proposed a legislation to curb cybercrimes like the one on Target in December.
Senator Leahy wrote in a press release, earlier this week,
“is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our nation. The Personal Data Privacy and Security Act will help to meet this challenge, by better protecting Americans from the growing threats of data breaches and identity theft.”
As per the new legislation proposed by Senator Leahy, companies with databases containing sensitive customer information would be required to establish and implement in-house data privacy and security programs and adopt a “nationwide standard” for informing the US law authorities and citizens about this breaches. It also proposes new penalties against the companies if it is proved that they have “intentionally and wilfully” concealed evidence of a breach or hacking.
“This is a comprehensive bill that not only addresses the need to provide Americans with notice when they have been victims of a data breach, but that also deals with the underlying problem of lax security and lack of accountability to help prevent data breaches from occurring in the first place”
While the companies who are alleged to wilfully conceal the evidence of breach (read inform the citizens) have been proposed to be penalised, Senator Leahy has also specifically mentioned that significant changes have to be made to the 1986 US hacking law now in force. His proposal includes harsher penalties and sentences for the hackers. He has proposed that the hacking or conspiracy to hacking to be linked to the Obama administrations new proposal to update the Computer Fraud and Abuse Act.
Leahy has added in the statement,
“so that attempted computer hacking and conspiracy to commit computer hacking offenses are subject to the same criminal penalties, as the underlying offenses.”
It is to be noted that President Obama has proposed a similar legislation in May, 2011 but that legislation is yet to see the light of the day. Even Senator Leahy’s earlier proposals are lying in cold storage but now that ‘Target’ has happened, the Obama administration may be under pressure to pass this one. In the event of this being passed by the Senate, a new law against hackers could not only mean stricter sentences for hackers but also mean enhanced powers to the law enforcement agencies like FBI, NSA etc.