Washington Report

Advocacy Updates from Washington D.C.

Draft Data Breach Bill Passes Subcommittee

On Wednesday, March 25, 2015, the House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade approved a discussion draft bill entitled “The Data Security and Breach Notification Act of 2015.” The draft bill seeks to establish a single federal standard concerning data security and data breach notification. While NAR is supportive of a single national standard as is created by the bill, NAR has several concerns with the bill as drafted. Of most concern was the exemption of third-party service providers from the requirement to notify affected consumers when the service provider experiences a data breach. As drafted, the breached firm would only be required to notify the business, i.e. the agent or brokerage, whose data may have been hosted by the service provider. That small firm would be responsible for the costs of notice and potential fines and penalties, while the business responsible for the breach nearly entirely escapes responsibility. However, the Manager's Amendment, which was approved, contained a fix to this problem. NAR still has additional concerns with the draft bill including its vague language surrounding what constitutes “reasonable security measures and practices” and the potential expansion of the Federal Trade Commission’s enforcement authority.

Read NAR's Letter

Notice: The information on this page may not be current. The archive is a collection of content previously published on one or more NAR web properties. Archive pages are not updated and may no longer be accurate. Users must independently verify the accuracy and currency of the information found here. The National Association of REALTORS® disclaims all liability for any loss or injury resulting from the use of the information or data found on this page.