[BreachExchange] Poll shows consumers against patchwork of state data breach laws

[Audrey McNeil]

http://legalnewsline.com/stories/511036315-poll-shows-
consumers-against-patchwork-of-state-data-breach-laws

Democrats, Republicans and Independents don't agree much on which direction
the country should go in these days, but one thing they have in common is
support for a single national standard for data breach notification.

Recent polling shows that 86 percent of voters favor such a standard for
companies to notify customers of a data breach rather than the current
patchwork of state laws.

The survey was conducted by Public Opinion Strategies and results were
presented by the group's co-founder Bill McInturff at the U.S. Chamber
Institute for Legal Reform's annual summit on Wednesday. The ILR owns Legal
Newsline.

McInturff said he was struck by the support that extends across the
partisan spectrum: 77 percent of Independents, 83 percent of Republicans
and 93 percent of Democrats indicate favor for a national policy.

He noted the "ubiquitous" nature of the concern. People are increasingly
worried about shopping online, with 74 percent of those polled saying they
worry "a lot" or "some" about the security of their personal information
while shopping online.

Nearly half of Americans, or 45 percent, have been notified that their
information could have been affected by a data breach. Sixteen percent of
those polled said that either they or someone they knew had their
information stolen,

"That's a lot of people," he said.

McInturff noted, however, that millennials are much less concerned about
data breach issues than persons over the age of 55.

Other findings include:

- The vast majority think data breaches are inevitably going to affect
major companies. Seventeen percent say that it is “inevitable,” while
another 63 percent say it will “probably” happen. Only 16 percent say that
data breaches will only happen to companies which are negligent or
incompetent in handling this information.

- More than four?in?five, or 84 percent, support reining in investigations
and lawsuits by ensuring that we have consumer protection laws that
specifically address data privacy, and not allow government regulators and
lawyers to rely on older laws. A mere 11 percent oppose this proposal.

- Voters say that companies who make investments up?front in cyber?security
but still suffer a database breach should not be sued (70 percent).

- Three-quarters, or 75 percent, say that companies which respond afterward
by quickly notifying its customers, providing free credit monitoring, and
fixing the security problems in its systems also should not be sued.

- More than two?thirds, or 69 percent, say that they would “limit class
action lawsuits to people who have personally suffered identity theft,
fraudulent activity in bank or credit card accounts or other financial
harm.” Exposure would not constitute harm, therefore.

"The survey clearly demonstrates overwhelming and consistent support for
policies to reform how data breaches are handled in legal proceedings and
by government regulators," the report states.

"This support is significant across partisan lines and among all key
sub?groups. While American voters are increasingly worried about the
security of their personal information, they also feel that most companies
will be affected by hackers at some point. They feel that companies who are
responsible prior to and following these data breaches should not be sued,
and want to limit class action lawsuits to only those who have experienced
direct harm, not just exposure."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161028/d92bcd30/attachment.html>