Shoddy disclosure practices that leave customers unaware that their personal information—including, in some cases, extra-sensitive details like Social Security and driver’s license numbers—is in the hands of unknown hackers.
While state-level legislation already forms a patchwork of penalties for that sort of behavior, a new bill introduced in the US Senate this week wants to make nondisclosure a jailable offense no matter where it happens in the country. Failure to report within 30 days could come with imprisonment of up to five years for the execs who decided to cover it up.
The bill’s prospects are a little muddied, especially given that it basically echoes a 2014 bill that tried to do the same in the wake of the massive hack Target disclosed that year. Hopefully, though, the number of high-profile breaches—with literally billions of people affected—give the effort a better sense of urgency this time.