Sen. Jay Rockefeller (D-W.Va.) has called on the Securities and Exchange Commission to clarify corporate obligations to publicize cybersecurity breaches.
In a letter to SEC Chair Mary Schapiro, Rockefeller said that "securing cyberspace is one of the most important and urgent challenges of our time. In light of the growing threat...it is essential that corporate leaders know their responsibility for managing and disclosing security risk."
Current law requires publicly traded companies to disclose to investors "material" risks and events including network breaches, but Rockefeller says a "significant" number of companies are not doing so.
He wants some "interpretative guidance" from SEC to clarify that responsibility.
The call comes the same week that Sen. Patrick Leahy (D-Vt.), chair of the Senate Judiciary Committee, said he would push a fourth time for a bill that would mandate online privacy breach notifications to the public and law enforcement. A Justice Department official said the administration would recommend that reporting requirement as part of an upcoming set of legislative recommendations.
That news came out in a Senate privacy subcommittee hearing this week in the wake of revelations about geolocation data collection by Apple iPhones and a couple of high-profile breaches of personal information involving Sony online gaming networks.
Broadcasting & Cable Newsletter
The smarter way to stay on top of broadcasting and cable industry. Sign up below
Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.