Efforts to establish national standards for protecting computer data received a boost when Microsoft Corp. announced support for the idea.
Microsoft, the world’s biggest computer software maker, did not endorse a specific bill but said a single national standard is better than the complex and sometimes contradictory patchwork approach now in place around the country.
The growing focus on privacy at both state and federal levels has resulted in an increasingly rapid adoption of well-intended privacy laws that are at times overlapping, inconsistent and often incomplete, Microsoft general counsel Brad Smith said in a speech to the Congressional Internet Caucus.
Congress has a number of proposals aimed at ensuring companies meet a certain standard for computer security and that they disclose when hackers have obtained customers’ information. But no comprehensive legislation has been proposed.
This is not only confusing for businesses, but it also leaves consumers unprotected. A single federal approach will create a common standard for protection that consumers and businesses can understand and count on.
Jerry Berman, president of the Center for Democracy and Technology, which works to enhance electronic privacy, called Microsoft’s announcement ‘a landmark moment in the cause of establishing and protecting individual privacy rights online.’
Lawmakers’ interest in requiring companies to disclose when their computer systems have been breached runs counter to years of efforts by the FBI and U.S. prosecutors to shield corporations that have been victims of hackers from bad publicity by keeping such crimes out of headlines.
But now, consumers want to know if their private information has been stolen – a reality Microsoft acknowledged in pushing for the new approach. "Consumers want transparency over how information is collected, control over how it is used and expect that information is secure," said Peter Cullen, Microsoft’s chief privacy strategist.
Such a scattershot approach may only make things worse, Cullen said.
Consumers want to know it is a consistent standard – that if they if purchase something in California it is no different from Idaho, he said.
More than 10 million U.S. residents were victimized by identity theft last year and hundreds of privacy-related bills have been introduced in state legislatures and Congress to address the issue.