In response to the recent data breaches at the Target Corporation and Neiman Marcus, the Securities and Exchange Commission (SEC) on February 14 announced plans to hold a roundtable to discuss the challenges that cyber threats present for public companies and financial markets.
“The growing interest in cybersecurity across financial markets and other sectors has raised questions about how various market participants can effectively manage cybersecurity threats,” the SEC stated in a press release. “Cybersecurity breaches have focused public attention on how public companies disclose cybersecurity threats and incidents.”
The roundtable will be held at the SEC’s Washington, D.C., headquarters on March 26 and will be open to the public and broadcast live on the SEC’s website. Among the topics likely to be discussed are the need to update informal, staff-level guidance issued in 2011 for public companies to use when determining whether to disclose cyber attacks to shareholders and the impacts it has on a company’s financial condition.
A week after the SEC’s announcement, Federal Trade Commission (FTC) member Julie Brill, in a speech at Princeton University, called on Congress to pass privacy laws to protect consumers from the collection of data and to add stronger transparency safeguards. Specifically, she endorsed two bills introduced by Senate Commerce Committee Chairman Jay Rockefeller (D-WV).
The Data Security and Breach Notification Act (S.1976) would require the FTC to issue security standards for companies that hold consumers’ personal and financial information. The Data Broker Accountability and Transparency Act (S. 2025) would prohibit data brokers from collecting or soliciting consumer information in deceptive ways and would allow consumers to access and correct their information to help ensure maximum possible accuracy.
Brill noted that consumers should be able to opt out of marketing based on consumer data profiles collected over time and across various websites. She also called on Congress to require data brokers and other entities to grant users the opportunity to edit their online profiles.