Detailed Summary

Data Security Act of 2007 - Prescribes security procedures which an entity that maintains or communicates sensitive account or personal information must implement and enforce in order to protect the information from an unauthorized use likely to result in substantial harm or inconvenience to the consumer.

Grants exclusive enforcement powers to specified federal regulatory agencies with oversight of financial institutions.

Denies a private right of action, including a class action, regarding any act or practice regulated under this Act.

Prohibits any civil or criminal action in state court or under state law relating to any act or practice governed under this Act.

Prescribes data security standards to be implemented by federal agencies.

Expresses the sense of the Congress that federal regulators shall make every effort to reconcile differences between this Act and specified requirements of the Gramm-Leach-Bliley Act.

Provides that a notice provided to any consumer under this Act may be the basis for a request by the consumer for an initial fraud alert under the Fair Credit Reporting Act.

Preempts state law with respect to the responsibilities of any person to protect against and investigate such data security breaches and mitigate any losses or harm resulting from them.

Status of the Legislation

Latest Major Action: 3/27/2007: Referred to House subcommittee. Status: Referred to the Subcommittee on Commerce, Trade and Consumer Protection.

Points in Favor

(Log in to edit the wiki and be the first to show why the bill should pass!)

Points Against

(Log in to edit the wiki and be the first to show why the bill should not pass!)