It should come as no surprise that, after suffering very public breaches this year, Sony and Epsilon are supporting federal legislation that would require companies to promptly notify customers if their personal information is stolen or exposed in a data breach.
The US House of Representatives held a hearing entitled "Sony and Epsilon: Lessons for Data Security Legislation" on June 2nd. As the opening memo notes, these companies have become "ground zero in the war to protect consumers' online information," having suffered such large and public breaches. The hearing questioned why safeguards, now being implemented at both companies, were not in place before these breaches happening. And why it took so long to notify consumers of said breaches.
Rather than pointing fingers, the point of the hearing was to find better ways to protect consumers. One of those ways is through legislation.
Will this be enough to push legislation through? What do you think?