STATES CONTINUE TO LEGISLATE DATA BREACH LAWS
I can see the state legislative committees now, meeting in small rooms to determine how best to do what the U.S. Congress has bungled over and over: Pass legislation that will protect consumers from identity theft. Unfortunately, outside the state of California, most of these laws aren’t up to solving the identity crisis. Even the Golden State bill doesn’t go far enough, because it doesn’t incorporate my concept of individual control, giving the consumer the responsibility of guarding their identity. But three more state laws were passed in Illinois, Louisiana and New Jersey the first of this year, according to ComputerWorld. There are 35 state data breach bills in effect now, including the latest three, and one would think this would wake up a junk mail industry and non-junk mail businesses that collect your private information, as a warning that there will be a nightmare conglomeration of rules to follow in order to do business. There are two ways to solve the problem: one) business voluntarily gives control of consumers’ names and personal data to the individual in an arrangement where the name-holder has the accountability to determine how and when their sensitive data is used and sold; two) pass federal legislation that awards this control to the consumer. In both cases, the individual should be compensated when their names and private information are sold. The junk mail industry trade organization, the Direct Marketing Assn. (DMA) should be taking the lead in this issue, but, as a former data broker of 35 years, the list business leaders would probably fire DMA president, John Greco, if he came up with such an insane idea. Leadership is hard to find these days.