In an article I wrote for the Week in Review section last Sunday, I noted that no federal laws existed to punish companies when customers’ personal information and data were stolen in cyber-attacks, or mishandled by companies. And so punishment in these cases is left up to the states. Yet in many instances, state officials don’t have the resources to tackle this problem, and even acknowledge that they don’t always understand the technical aspects of breaches.Some government officials, though, are pressing for new federal legislation on this subject.Senator Al Franken, the former comedian and a Democrat from Minnesota, is one of them. As chairman of a new Senate Judiciary subcommittee on privacy and technology, he held a hearing on Tuesday and questioned Google and Apple executives about storing customers’ locations without their knowledge on mobile devices.
http://bits.blogs.nytimes.com/2011/05/12/who-could-become-the-data-sheriff/