After 2014’s high-profile Sony hack and a multitude of retailer data breaches, President Barack Obama is renewing efforts to beef up America’s cybersecurity.
The president recently laid out a series of legislative proposals that he says will boost data security, improve consumer privacy and help prevent identity theft—America’s fastest-growing crime.
“This is a direct threat to the economic security of American families and we’ve got to stop it,” Obama said in a speech at the Federal Trade Commission Jan. 12. “If we’re going to be connected, then we need to be protected.”
His proposals need congressional approval to become law. But here’s how the changes could help you, if passed:
1. 30-day notice rule
Right now, there’s no federal law requiring banks and companies to tell you if your data has been compromised. Obama wants a new national standard that would require notifying consumers within 30 days if their data has been exposed. He says this will help people protect themselves and save companies the cost of complying with a patchwork of state laws.
“Sometimes, folks don’t even find out their credit card information has been stolen until they see charges on their bill, and then it’s too late,” Obama said at the FTC. Tim Pawlenty, former Minnesota governor and the chief executive of the Financial Services Roundtable, a banking industry advocacy group, supports the notification proposal and says he’d also like to see a national data-security standard to better protect consumer information.
2. Free credit scores
Obama is urging more banks, lenders and credit card companies to make free credit scores available to consumers. JPMorgan Chase, Bank of America, USAA, State Employees’ Credit Union and Ally Financial have joined a growing list of companies that provide this information free of charge, according to Obama. The president said scores are “like an early warning system telling you that you’ve been hit by fraud.”
U.S. law requires each of the three major credit bureaus to provide you with a free credit report per year, on request. But you have to pay to see your score.
“Having free and easy access to your [credit score] is one simple measure for consumers to continually monitor their credit health and track improvements, as well as a means to know early if your credit profile has been compromised,” says Michael A. Carpenter, Ally’s chief executive.
3. More online student protection
Laptops, iPads and other devices that connect to the Internet are common in classrooms these days. That can put student information at risk. Obama wants a law that would prevent companies from selling student data, like search histories, for any reason other than educational purposes. His proposal is modeled after a California law. While dozens of companies nationwide have pledged to do this through the Student Data Privacy Pledge, Obama wants a national mandate.
“We want to prevent any kind of profiling that puts certain students at a disadvantage as they go through school,” he said at the FTC.
4. Consumer privacy
You’d have the right to decide what personal data companies collect from you or about you and how that data gets used, under this proposal. It promises “baseline protections” on the way companies operate in this area. Obama first outlined a “privacy bill of rights” in 2012.
A bill containing these measures is expected from the White House next month.
The bill will also feature proposals to promote industry sharing of possible threats, which will help reduce cyber attacks by “allowing the industry access to actionable information about cyber criminals’ plans,” says Jason Oxman, chief executive of the Electronic Transactions Association.
Companies and other private-sector organizations would be encouraged to share threat information with government and private agencies set up to exchange and analyze the data, according to statements from the White House. One way this would be accomplished is by providing targeted liability protection to participants.
These initiatives will be a focal point of a “summit” meeting Feb. 13 at Stanford University. It will gather leaders from government agencies, consumer groups and industry to discuss ways to enhance security and share insights into potential threats, both to help strengthen consumer protections and help industry fight off cyber intrusions, according to the administration.
“We are the country that invented the Internet. And we’re also the pioneers of this Information Age—the creators, the designers, the innovators,” Obama said at the FTC. “I’m confident, if we keep at this, we can deliver the prosperity and security and privacy that all Americans deserve.”