Capitol Words a project of the Sunlight Foundation

  • and

National Data Privacy Day

Rep. Peter Welch

legislator photo

Madam Speaker, I move to suspend the rules and agree to the resolution (H. Res. 31) expressing support for designation of January 28, 2009, as ``National Data Privacy Day''.

The Clerk read the title of the resolution.

The text of the resolution is as follows:

Whereas the Internet and the capabilities of modern technology cause data privacy issues to figure prominently in the lives of many people in the United States at work, in their interaction with government and public authorities, in the health field, in e-commerce transactions, and online generally; Whereas many individuals are unaware of data protection and privacy laws generally and of specific steps that can be taken to help protect the privacy of personal information online; Whereas ``National Data Privacy Day'' constitutes an international collaboration and a nationwide and statewide effort to raise awareness about data privacy and the protection of personal information on the Internet; Whereas government officials from the United States and Europe, privacy professionals, academics, legal scholars, representatives of international businesses, and others with an interest in data privacy issues are working together on this date to further the discussion about data privacy and protection; Whereas privacy professionals and educators are being encouraged to take the time to discuss data privacy and protection issues with teens in high schools across the country; Whereas the recognition of ``National Data Privacy Day'' will encourage more people nationwide to be aware of data privacy concerns and to take steps to protect their personal information online; and Whereas January 28, 2009, would be an appropriate day to designate as ``National Data Privacy Day'': Now, therefore, be it Resolved, That the House of Representatives-- (1) supports the designation of a ``National Data Privacy Day''; (2) encourages State and local governments to observe the day with appropriate activities that promote awareness of data privacy; (3) encourages privacy professionals and educators to discuss data privacy and protection issues with teens in high schools across the United States; and (4) encourages individuals across the Nation to be aware of data privacy concerns and to take steps to protect their personal information online.

Pursuant to the rule, the gentleman from Vermont (Mr. Welch) and the gentleman from Florida (Mr. Stearns) each will control 20 minutes.

The Chair recognizes the gentleman from Vermont.

Rep. Peter Welch

legislator photo

I ask unanimous consent that all Members may have 5 legislative days in which to revise and extend their remarks.

Is there objection to the request of the gentleman from Vermont?

There was no objection.

Rep. Peter Welch

legislator photo

Madam Speaker, I rise in strong support today of House Resolution 31, introduced by Representative Price of North Carolina. This resolution correctly identifies the importance of data security in all of our lives. Particularly, as we continue to incorporate Internet use into our daily lives and routines, it's vital that we focus on the need to protect the sensitive information that is transmitted over the Internet.

Over the past few years, as we all know, we have seen numerous and troubling incidences involving data breach that compromise private information. That includes credit card numbers, bank statements, Social Security numbers, and health records. According to the Privacy Rights Clearinghouse, over 250 million records containing sensitive personal information has been subject to security breaches since 2005. We know we have got to protect security if we are going to have the advantages of electronic transmission of records.

Just last week, it was reported that another data breach involving credit and debit card information potentially exposed tens of millions of consumers to the risk of fraud. These incidents underscore the need for vigilance in protecting the privacy of sensitive information.

At this time, Madam Speaker, I yield such time as he may consume to the author of the resolution, the gentleman from North Carolina (Mr. Price).

Rep. David E. Price

legislator photo

I want to thank the gentleman from Vermont for yielding, and for his good work in bringing this resolution to the floor.

I am here as the lead sponsor, among many sponsors, of House Resolution 31, supporting the designation of January 28 as National Data Privacy Day. In the last 10 years, the Internet has become the preferred carrier of communication in our society. Electronic communications dominate workplaces, and are increasingly prevalent in commerce, in interactions between the public and government at every level, and through social networking sites on the Internet.

While we have realized incredible efficiencies and other benefits from new electronic technologies, those technologies have also raised challenges for protecting the privacy of personal and proprietary information. If we are going to fully realize the potential of electronic communications, we must address these challenges, and that is what H. Res. 31 is all about.

Fortunately, we are off to a good start. On Wednesday, privacy professionals, corporations, government agencies, nonprofit organizations, academic institutions, and students across the Nation are already planning to come together to raise awareness and underscore the importance of data privacy protection as part of National Data Privacy Day.

Academic institutions such as the Wharton Business School, Arizona State University, Santa Clara Law School, and Ohio State University, have planned events and panel discussions on a broad range of data privacy issues ranging from information security best practices to data privacy issues at public and private institutions of higher education.

One of the major focuses of Data Privacy Day will be to educate teenagers about the importance of online privacy. An estimated 55 percent of American teenagers with access to the Internet use social networking Web sites, and an even greater engage in real-time information sharing through instant messaging, cell phone text messaging, and chat rooms.

While pre-teens, teenagers, and young adults are often the most sophisticated and skilled Internet users--we all know that--many are too often neglectful of their personal safety online. Young people who are participating in online social networking should be made aware of the dangers of failing to protect their personal data. They need to know that not everyone on Facebook or MySpace is a friend.

On Wednesday, educators and privacy professionals across the country will lead discussions with young people to raise awareness about online privacy to promote safe use of the Internet and to help them learn about how to protect the privacy of their personal data.

I am especially proud of events in North Carolina surrounding Data Privacy Day. This week, the Carolina Privacy Officials Network will host panels on consent policy options in health care, information security breaches, and off-shoring of data. At the Sanford Institute of Public Policy at Duke University, representatives from Intel, the Institute for Homeland Security Solutions, the Triangle Center on Terrorism and Homeland Security, the Provost's Office at Duke University, the Duke Center for European Studies, the Center for International Studies, and the Triangle Institute for Security Studies, will gather with officials from the United States Departments of State, Justice and Homeland Security, as well as the European Commission, to discuss issues surrounding the protection of national security and privacy.

Madam Speaker, H. Res. 31 underscores the importance of data privacy protection and expresses support for the designation of January 28, 2009, as National Data Privacy Day. I want to thank the Members who cosponsored this important resolution, and members of the Energy and Commerce Committee, Chairman Waxman, for moving H. Res. 31 to the floor today. It's a resolution that has good bipartisan support. I appreciate that support, and I urge my colleagues to support the measure.

Rep. Peter Welch

legislator photo

I reserve the balance of my time.

Rep. Cliff Stearns

legislator photo

Madam Speaker, I yield myself such time as I may consume.

Madam Speaker, I am also pleased that our data privacy resolution could be considered on the floor today, and I would like to thank, obviously, Mr. Price of North Carolina, for introducing this important resolution, as the lead cosponsor on the Republican side. I am glad to be able to support it. As well as Chairman Barton from the Energy and Commerce Committee; Mr. Markey, the former chairman of the Telecommunications Committee; and, Mr. Radanovich, who will speak later, for their support as well.

My colleagues, this resolution supports the designation of January 28 as National Data Privacy Day. As ranking member of the Communications, Technology, and Internet Subcommittee, I am especially concerned about the challenges that all of us face today protecting the privacy of personal sensitive information.

Most of our work product and personal records are now, obviously, digitally stored, as well as transferred. The timesaving convenience of instantaneous communications means we all rely heavily on the Internet and the latest state-of-the-art technology in our simple daily interactions. And, more often than not, all of our electronic communications leave behind a digital fingerprint that opens the potential for abuse if the information is in the wrong hands.

That is why it is pertinent that we, as representatives of the American people here in Congress, take the simple initiative to draw awareness to the importance to protecting sensitive personal information, including financial and health records, from misuse and theft.

Consumers must be vigilant in protecting their data. They have a personal responsibility, and they must be cautious with whom they do business with. Likewise, we must continue to ensure that legitimate businesses which collect and store U.S. consumer personal data will respect the privacy of those consumers at all times and employ the necessary protections to safeguard that data.

Data security is not a new issue. We examined this problem related to data breaches in the Energy and Commerce Committee as far back as the 109th Congress that were spurred by breaches at data brokers affecting millions of our citizens. We learned that State laws created numerous notice requirements that were to inform the customer of these breaches, but it is unclear, Madam Speaker, how many data breaches occurred before those laws took place.

The problem continues to affect countless Americans every year. In fact, there are estimates of data breaches since 2005 that indicate that as many as 251 million records have been exposed or compromised. That is due to these breaches.

The result is often credit card fraud or, worse, identity theft, which can require time, money, and energy from consumers to repair their good name and, obviously, restore their credit history.

Furthermore, universities all across this Nation have had names, photos, phone numbers, and addresses of their students and staff compromised or stolen. Sensitive technology companies such as Science Applications International Corporation and Boeing have also had data security breaches. Breaches have also occurred in large financial institutions such as Bank of America and Wachovia Bank.

Also, in the private sector a single stolen computer at Ford Motor Company exposed the names and Social Security numbers of 70,000 current and former employees, and hundreds of hospitals have had the personal information of their patients compromised.

Breaches are pervasive in government agencies such as the IRS, the Federal Trade Commission, the FDIC, the State Department, the Department of Veterans' Affairs, the Department of Justice and Energy, and the U.S. Navy. Of course, the list goes on.

Clearly, the resolution we are considering tonight is timely. Just last week we were reminded again of how pervasive this problem is with the announcement of Heartland Payment Systems, a credit card processor, that over 100 million personal records were compromised. This could be, to date, one of the largest known security breaches in our Nation.

Thus, Madam Speaker, highlighting problems such as this to Americans will increase their awareness and encourage them to exercise more diligence and care in protecting their personal information today. So I thank my colleagues for their support and recognition of the importance of data privacy and the benefits of designating January 28, 2009, as National Data Privacy Day, and I look forward to generating support in my home State of Florida for this important initiative.

I reserve the balance of my time.

Rep. Peter Welch

legislator photo

I am the last speaker on my side, and I will continue to reserve.

Rep. Cliff Stearns

legislator photo

Madam Speaker, I yield such time as he may consume to the gentleman from California (Mr. Radanovich).

Rep. George P. Radanovich

legislator photo

The capabilities and, in some cases, the failures of modern technology, have brought the issues of data privacy and data security into the lives of all Americans. Whether it be at work, in health, in finance, or online generally, we all must be concerned about the unauthorized access to personal information, access which could put our livelihoods and, in extreme cases, our lives even at stake.

The Subcommittee on Commerce, Trade, and Consumer Protection has received testimony over the years about corporate data breaches that have damaged people financially as well as heard heartbreaking stories of stalkers stealing or buying personal information. As the new ranking member of the subcommittee, I am particularly concerned about these issues.

Just last week, we got reports about the hacking of the New Jersey-based credit card processor, Heartland Payment Systems. This company processes more than 5 billion transactions a year, involving tens of millions of credit card numbers, and someone was able to break into their system and monitor these transactions.

This is just another example of how all of us must be aware of the security of sensitive information. Furthermore, not only must individuals be careful with their information, but the businesses which we entrust with that data must guard it as if it were their very own.

I want to commend Mr. Price and Mr. Stearns for bringing this resolution before us today, and I want to thank Mr. Barton, Mr. Waxman, and Mr. Dingell for their continued efforts to address this issue. I want to lend my support to their efforts to educate the American public about ways to protect their personal information.

I look forward to continuing to work in this Congress to ensure the proper security of data and appropriate notice to consumers when their information is lost or revealed and there is significant risk of damage, financial or otherwise.

I fully support the goals and ideals of the National Data Privacy Day on January 28, and I urge all my colleagues to join in this effort.

Rep. Cliff Stearns

legislator photo

I yield back the balance of my time.

Rep. Peter Welch

legislator photo

Madam Speaker, I want to thank Chairman Price and Ranking Member Stearns for this excellent resolution. It draws attention to the importance of privacy protections by supporting the designation of January 28, 2009 as the National Data Privacy Day. It seeks to inform the public of data privacy concerns and urge them to take steps to ensure that their own private data is secure and accounted for. In that vein, State and local governments, as well as schools, are encouraged to educate citizens about data privacy. I thank the Representative from North Carolina for authoring this resolution.

Rep. Sheila Jackson-Lee

legislator photo

Madam Speaker, H. Res. 31 seeks to protect the personal interests and information of men and women across the country who exchange personally identifiable information across the Internet. I salute my colleague, Representative Price from North Carolina, in his efforts to designate January 28, 2009, as ``National Data Privacy Day.''

It is our duty and obligation to protect those victims of the exploitation of their personally identifiable information who often face a difficult and arduous process of cleaning up their credit records. These innocent victims, who may be an aging grandmother attempting to retire from over 30 years of labor as a housekeeper, or a young man who balances three jobs and is seeking a college loan, will be left to face lengthy investigations by credit card companies, financial institutions, and law enforcement agencies, while these cyber-criminals take minutes or less to destroy a namesake that has taken years to build.

Texas seeks to perform its part through the Texas Business and Commerce Code, which bolsters the security of personally identifiable information, with respect to an individual who is the owner or operator of a computer, including first name or first initial in combination with last name; a home or other physical address, including street name; electronic mail address; a credit or debit card number; a bank account number; a password or access code associated with a credit or debit card or bank account; a Social Security number, tax identification number, driver's license number, passport number, or other government-issued identification number; or any information if the information alone or in combination with other information personally identifies the individual.

According to the Privacy Rights Clearing House, since February 2005, more than 100 million records containing personal information have been subject to some sort of security breach.

Data privacy concerns exist wherever personally identifiable information is collected and stored--in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues. Data privacy issues can arise in response to information from a wide range of sources, such as: healthcare records, criminal justice investigations and proceedings, financial institutions and transactions, biological traits, such as genetic material, residence and geographic records.

The greatest challenge that we face in data privacy is to share data while maintaining a high level of protection amongst personally identifiable information. The ability to control what information one reveals about oneself over the Internet, and who can access that information, has become a growing concern over the ability for emails to be stored or read by third parties without consent, as well as the possibility of web sites which are visited collecting, storing, and possibly sharing personally identifiable information about users. For many reasons, individuals may not wish for the revelation of personal information such as their religion, sexual orientation, political affiliations, or private activities.

The economic crisis that our country is faced with today calls for an elevated guard of our financial information, as identity theft and a multitude of cyber-crimes are on the rise. Information about a person's financial transactions, including the amount of assets, positions held in stocks or funds, outstanding debts, and purchases can be sensitive. If criminals gain access to information such as a person's accounts or credit card numbers, that person could become the victim of fraud or identity theft. Information about a person's purchases can reveal a great deal about that person's history, such as places visited, persons contacted, products used, as well as activities and habits.

National Data Privacy Day provides for an international collaboration, and a nationwide and statewide effort to raise awareness about data privacy and the protection of personal information on the Internet and will call for government officials from the United States and Europe, privacy professionals, academics, legal scholars, representatives of international businesses, and others with an interest in data privacy issues to work together on this date to further the discussion about data privacy and protection.

Madam Speaker, I urge my colleagues to join me in supporting the promotion of the protection of personal information and data by designating January 28, 2009, as ``National Data Privacy Day,'' which will endorse the safeguard of personal information online and affects all of us.

Rep. Peter Welch

legislator photo

I yield back the balance of my time.

The question is on the motion offered by the gentleman from Vermont (Mr. Welch) that the House suspend the rules and agree to the resolution, H. Res. 31.

The question was taken.

In the opinion of the Chair, two-thirds being in the affirmative, the ayes have it.

Rep. Peter Welch

legislator photo

Madam Speaker, on that I demand the yeas and nays.

The yeas and nays were ordered.

Pursuant to clause 8 of rule XX and the Chair's prior announcement, further proceedings on this motion will be postponed.