Bruce Rauner for president? Given his recent veto of the state’s attempted identity theft legislation, it’s clear he places the interest of big business over the well-being of his constituents. Which, as far as I can tell, is one of the primary qualities necessary to run for president in this country.
It’s a shame when common sense and social responsibility are replaced by special interest groups and promised re-election funds. The Illinois governor this week vetoed a progressive bill that was meant to improve reporting of data breaches. The governor’s reason? It goes too far.
Since when does protecting your constituents from fraud ever go too far?
Here are some of the parts of the bill apparently go too far…
- Improving the definition of personal information to include your home address, telephone number, and email in combination with other personal information, such as your mother’s maiden name or your date of birth. Apparently Governor Rauner has never had to verify his information in order to gain access to an account or make changes to an account…because that combination of information will get you in to a hell of a lot of accounts!
- Allow the state Attorney General to publish the names of companies that have experienced a breach along with the type of information that was breached. Obviously, we consumers shouldn’t expect there to be an easy location to go and check if the companies we do business with have been breached, or to find out more information about breaches we’ve heard about and are nervous about. Of course, this might look bad for the poor, poor business that was breached. Because it’s not like they did anything wrong. Oh, wait. They failed to safeguard the information we entrusted them with. Excuse me if I don’t feel too bad for them.
- Requiring companies that store personal information for other companies, but don’t necessarily “own” it, to inform the Attorney General if their data is compromised. Because if someone else is storing the data for you, and they get breached, it’s like that breach never really happened. Right?
- Requiring companies that have experienced a breach to notify the Attorney General within 30 days. Governor Rauner would prefer 45 days, to “ease the burden of compliance.” I get it, when a breach happens, companies are freaking out. And it’s hard to remember all those little people they need to inform. You know, like the government. Here’s an idea. How about requiring companies who do business in your state (and every state) to have a breach preparation plan in place, so they know exactly who to contact when. Then it wouldn’t matter if you give them 45 days, 30 days, or 2 days. Because the sooner they notify people about the breach, the sooner their customers can take steps to protect themselves.
Governor Rauner stated that the proposed bill is a “significant departure from the data protection laws of other states.” Which, to his credit, is true. Of course, given the sheer number of data breaches happening every day, and the steady rise in identity theft, one might argue that sticking with the status quo for data protection standards is a bloody stupid idea.
I take it back, Governor Rauner, you’d make a terrible president. A president has to lead. Apparently you prefer to follow the pack. Or follow the PAC.