[Congressional Record (Bound Edition), Volume 152 (2006), Part 8] [Extensions of Remarks] [Page 10867] [From the U.S. Government Publishing Office, www.gpo.gov]INTRODUCTION OF ``NOTIFICATION OF RISK TO PERSONAL DATA ACT'' H.R. 5582 ______ HON. TOM LANTOS of california in the house of representatives Monday, June 12, 2006 Mr. LANTOS. Mr. Speaker, I rise to inform my colleagues that I am introducing legislation to protect the privacy rights of Americans. This bill will require Federal agencies that possess electronic data containing personal information to disclose any unauthorized acquisition of such information. Under this legislation, the same requirement will be made of ``people''--corporations, institutions and individuals--who engage in interstate commerce. The point is simple: People should be notified when information about them that is personal and potentially sensitive is stolen from a corporation or a government agency. We cannot rely on these entities to report such a theft on their own, since they might try to cover up the data loss to avoid adverse publicity. The most salient example of the need for such protection is the recent shameful episode in which it took the Veterans Administration three weeks to announce that personal information including names, birth dates, and social security numbers of millions of veterans had been stolen from the home of a VA employee. Keeping the problem under wraps for three weeks is not the way to protect our veterans from the potential theft of their identities. Many veterans have called my office expressing concern about their financial safety, and I am appalled the VA has not done more to protect them. The stolen information included the name, social security number, and date of birth for approximately 19.6 million veterans. Disability ratings for some veterans were also included in these files. On June 6, 2006, the VA announced that the stolen files might also have included data on 1.1 million active duty members of the military, 430,000 members of the National Guard, and 645,000 members of the Reserves. On June 8, 2006, the House Committee on Government Reform, on which I serve, conducted a hearing entitled, ``Once More into the Data Breach: The Security of Personal Information at Federal Agencies.'' During the hearing, U.S. Comptroller General David Walker testified that legislation is needed requiring agencies to notify those whose privacy is violated. The Comptroller General said, ``Public disclosure of major data breaches is a key step to make sure personal data is safeguarded.'' Congress should act on this issue, and it is time for us to give Americans the notice they need to protect themselves from identity thieves. My colleague, Senator Dianne Feinstein, first introduced the Senate version of the bill I am introducing today. I commend her excellent work in this area, and I am hopeful that moving this bill in the House will expedite needed action. ____________________