Daines Demands Answers to Secure Americans’ Personally Identifiable Information

WASHINGTON, D.C. – Following today’s announcement that more than 80 million Americans may have had their personally identifiable information compromised after a data breach at Anthem Health Insurance, Senator Steve Daines (R-MT) is calling on Congress to strengthen victim notifications requirements and ensure that Americans are promptly informed when their personal information may have been exposed.

During this morning’s Commerce, Science and Transportation hearing on consumer data breach solutions, Daines reaffirmed his commitment to expediting notification requirements and ensuring that data security standards are up to date. 

“Today’s headlines underscore the absolute importance of moving forward to strengthen our cybersecurity infrastructure by creating a concrete timeline for notification standards that should be a mandatory right for all consumers,” Daines stated. “I’ve spent more than twelve years working in the technology sector, and I know firsthand the power that big data holds. I also know the risks when that data is compromised. It is unacceptable that any American is left in the dark when their personally identifiable information may have been breached — that’s why I’m fighting to strengthen notification requirements and ensure the American people know when their personal information is compromised.”

Video of Senator Daines’ remarks at today’s Commerce hearing is available here.

Daines pressed hearing witnesses on notification standards – vehemently pushing back after witnesses suggested that a defined timeline for notification that passes between a breach and consumer notification simply “doesn’t matter” for consumers who have been a victim of an attack.

“When I was running customer service and looking out for customers, when we had a problem, our policy was we notified our customers as soon as we were aware of the problem—maybe not always understanding the magnitude of it, but we believed we owed it to our customers to get back to them,” Daines stated during today’s hearing. “I am surprised to think we might be thinking in terms of 30 days [as an acceptable notification period]. I think frankly that’s unacceptable. The customers, the consumers of this country should be served better than that.”

Daines brings a strong record of working on cybersecurity and data breach issues, as well as years of experience in technology, to the Senate Commerce, Science and Technology Committee.

Before being elected to Congress, Daines worked in Montana’s technology sector for more than twelve years. He served as vice president of RightNow Technologies, a Montana-based cloud computing company.

In the House, Daines served on the Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, where he actively fought to protect and secure Americans’ personal information.

Daines offered an amendment to H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act of 2013, to require that all federal agencies notify victims of a data breach within two days.  Additionally, Daines worked with Congressman Ron Barber (D-AZ) to introduce, H.R. 3847 the CARE Act of 2013, which sought to put in place cybersecurity safeguards to protect businesses and private citizens personal health care information on the Obamacare website.