Leahy's perennial data privacy bill gets another shot

In the wake of the Target stores' credit card hack, Sen. Patrick Leahy reintroduces a data privacy and protection law that he's wanted Congress to pass since 2005.

Seth Rosenblatt Former Senior Writer / News

Senior writer Seth Rosenblatt covered Google and security for CNET News, with occasional forays into tech and pop culture. Formerly a CNET Reviews senior editor for software, he has written about nearly every category of software and app available.

See full bio

Seth Rosenblatt

Jan. 8, 2014 3:33 p.m. PT

Sen. Patrick Leahy speaks at a Georgetown University Law Center discussion this past September in Washington, DC. Leahy joined former US Vice President Walter Mondale and former Sen. Gary Hart in discussing "Surveillance and Foreign Intelligence Gathering in the United States: Past, Present, and Future." Win McNamee/Getty Images

Maybe the fourth time will be the charm for Sen. Patrick Leahy's data privacy protections standards.

Leahy (D-Vt.) reintroduced his data privacy protection bill to Congress on Wednesday, for the fourth time since 2005. The Personal Data Privacy and Security Act would create a national standard for how businesses would have to notify customers of data breaches, and mandate customer data protection standards for businesses that collect sensitive personal information.

It would also update the Computer Fraud and Abuse Act so that attempted computer hacking and conspiracy to commit computer hacking would be punishable by the same criminal penalties that apply to actual hacking.

Leahy, the Senate Judiciary Committee chairman, said the committee would hold a hearing on data privacy early in the new Senate session.

Leahy's announcement of the bill's reintroduction stated that the recent Target stores' data breach was part of the impetus to reintroduce the bill, which remains unchanged from the version that was reported out of the Judiciary Committee last year.