WASHINGTON (Legal Newsline) - Democrats, Republicans and Independents don't agree much on which direction the country should go in these days, but one thing they have in common is support for a single national standard for data breach notification.
Recent polling shows that 86 percent of voters favor such a standard for companies to notify customers of a data breach rather than the current patchwork of state laws.
The survey was conducted by Public Opinion Strategies and results were presented by the group's co-founder Bill McInturff at the U.S. Chamber Institute for Legal Reform's annual summit on Wednesday. The ILR owns Legal Newsline.
McInturff said he was struck by the support that extends across the partisan spectrum: 77 percent of Independents, 83 percent of Republicans and 93 percent of Democrats indicate favor for a national policy.
He noted the "ubiquitous" nature of the concern. People are increasingly worried about shopping online, with 74 percent of those polled saying they worry "a lot" or "some" about the security of their personal information while shopping online.
Nearly half of Americans, or 45 percent, have been notified that their information could have been affected by a data breach. Sixteen percent of those polled said that either they or someone they knew had their information stolen,
"That's a lot of people," he said.
McInturff noted, however, that millennials are much less concerned about data breach issues than persons over the age of 55.
Other findings include:
- The vast majority think data breaches are inevitably going to affect major companies. Seventeen percent say that it is “inevitable,” while another 63 percent say it will “probably” happen. Only 16 percent say that data breaches will only happen to companies which are negligent or incompetent in handling this information.
- More than four?in?five, or 84 percent, support reining in investigations and lawsuits by ensuring that we have consumer protection laws that specifically address data privacy, and not allow government regulators and lawyers to rely on older laws. A mere 11 percent oppose this proposal.
- Voters say that companies who make investments up?front in cyber?security but still suffer a database breach should not be sued (70 percent).
- Three-quarters, or 75 percent, say that companies which respond afterward by quickly notifying its customers, providing free credit monitoring, and fixing the security problems in its systems also should not be sued.
- More than two?thirds, or 69 percent, say that they would “limit class action lawsuits to people who have personally suffered identity theft, fraudulent activity in bank or credit card accounts or other financial harm.” Exposure would not constitute harm, therefore.
"The survey clearly demonstrates overwhelming and consistent support for policies to reform how data breaches are handled in legal proceedings and by government regulators," the report states.
"This support is significant across partisan lines and among all key sub?groups. While American voters are increasingly worried about the security of their personal information, they also feel that most companies will be affected by hackers at some point. They feel that companies who are responsible prior to and following these data breaches should not be sued, and want to limit class action lawsuits to only those who have experienced direct harm, not just exposure."