Group Pushes Congress For Data Protection; Cites More Than 100 Million Compromised Personal RecordsGroup Pushes Congress For Data Protection; Cites More Than 100 Million Compromised Personal Records

The Cyber Security Industry Alliance is calling on Congress to enact federal laws requiring public and private entities to secure sensitive personal information.

"The continued mishandling of personal information is a problem affecting every corner of the country and a wide range of organizations, including private sector corporations, government agencies, financial firms, educational institutions, healthcare and insurance companies," CSIA wrote in a statement outlining its reasons behind the push for new legislation. "The types of personal information that have been lost range from medical records to Social Security numbers to bank account details. Furthermore, the burden is on the victims to determine what degree of risk they face and how best to protect themselves from future incidents, creating a frustrating and daunting situation for so many Americans."

More than 100 million personal records, or roughly one record for every three Americans, have been compromised since February 2005, according to the Privacy Rights Clearinghouse. CSIA estimates that the average victim of identity theft spends $834 and 77 hours to clear their name.

As the number of data breaches grows, states, local governments, and private groups are creating a patchwork of regulations and guidelines to try to deal with the problem. CSIA, which has done a number of surveys on attitudes about information security and identity theft, warns that political and economic fallout will continue until lawmakers agree on a uniform federal standard.

"Congress should be very concerned about this milestone not only because of the sheer number of individuals affected, but also because the decline in consumer confidence in the security of personal information is a serious drag on our economy," CSIA Executive Director Paul Kurtz said through a statement released Thursday.

Ninety-five percent of voters responding to a survey conducted in the spring of 2006 said that identity theft is a serious problem and less than one in five said they believe that existing laws protect their privacy. Seventy-two percent said the private sector should do more to protect their personal information.

About 44% of American Internet users, or 70 million people who are confident that their Internet transactions are safe, spend an average of $116 online every month, according to CSIA. Online retailers could be losing up to $3.8 billion a month from the remaining 38 million people who avoid making online purchases because of a lack of confidence in information security, according to CSIA.

Barely a third of American adults believe that banking online is as safe as banking in person and 64% believe that people who bank online are putting their financial information at risk, according to CSIA.

CSIA is promoting a single standard for consistent and recognizable notification, best practices and enforcement.

"By passing a federal data security bill, Congress has the power to alleviate much of the fear, uncertainty and doubt that Americans are facing right now," Kurtz said.