Statements and Speeches

Hearing Statement: "State of Federal Privacy and Data Security Law: Lagging Behind the Times?"

Subcommittee on Oversight of Government Management, the Federal Workforce, and the District of Columbia

Jul 31 2012

WASHINGTON - Today, Sen. Tom Carper (D-Del.), Chairman of the Subcommittee on Federal Financial Management, released a statement following the Subcommittee o n Oversight o f Government Management, the Federal Workforce, and the District Of Columbia hearing, "State of Federal Privacy and Data Security Law: Lagging Behind the Times?" His statement, as prepared for delivery, is below:

I would like to thank Chairman Akaka and Ranking Member Johnson for holding this very important hearing on our nation's privacy and data security laws. Protecting individual privacy is of critical importance.

A few months ago, many Americans were very troubled to learn that a contractor for the Federal Retirement Thrift Investment Board suffered a major cybersecurity attack, which exposed the personal information of more than 123,000 Thrift Savings Plan participants. This breach, and the many others like it in both government and the private sector, highlight the need for Federal data security standards. The need for strong measures against privacy breaches is a clear reason why we are debating cybersecurity legislation on the Senate floor right now.

The Cybersecurity Act of 2012, which I was proud to co-author with Chairman Lieberman, Ranking Member Collins, and Senators Rockefeller and Feinstein, takes a number of bold steps to better secure our critical infrastructure and government networks. This bill is not perfect, but it represents a dramatic improvement over current law. It is also a good-faith effort to address the concerns of Members on both sides of the aisle.

By passing this bill we will help usher in a new generation of cyber tools for the federal government so that government agencies, such as the Thrift Investment Board, can be better prepared to face the cyber challenges of the 21st century.

As we have learned from the Thrift Savings Plan case, we must do more to ensure that sensitive consumer information is properly protected, and timely notification to consumers is provided in the event of a breach. Fraud and identity theft have serious consequences, and it is time we make sure government agencies, companies and others handling this sensitive information have rules in place to safeguard this information.

For several years now, I have introduced bipartisan legislation, and now which is filed as an amendment to the cybersecurity bill, to ensure these safeguards are established and implemented. This hearing highlights a very serious problem with regards to data security and I hope we can use the challenges highlighted by the Thrift Savings Plan case and others like it, to establish national data security standards.