Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.) are taking aim at retailers with new legislation intended to improve safeguards for consumer information, following recent revelations about data breaches at Target Corp. and Neiman Marcus Group Ltd.
The Data Security Act [PDF], which the bipartisan duo introduced Wednesday, would require companies that accept credit or debit card payments to have policies and procedures in place to protect consumer data from hackers and act on breaches when they occur. Under the bill, businesses would have to investigate breaches and work to secure the data targeted by hackers.
Companies also would have to tell their customers and federal authorities about any breaches. And if a breach involves at least 5,000 customers, businesses must notify credit-reporting agencies, too.