A house lawmaker panel is discussing a new bill intended to quell security breaches on the internet. The bill would require all companies to rapidly notify officials and any affected customers.
If passed, companies would have 48 hours in which to notify authorities once they discover a breach in security. They would also face that same window for notifying the FTC (Federal Trade Commission) and customers after securing data from further breaches. Another provision would grant the FTC limited authority over nonprofit organization data.
A bill proposed two years ago limited the time for accessing breaches to sixty days. FTC commissioner Edith Ramirez said two months should be considered the “worst case,” but that sooner is much better. She went on to emphasize the importance of the FTC being notified as soon as or sooner than other agencies.