I don't know how anyone expects any different from the Republican Congress, but that doesn't make it any less harmful what Cliff Stearns, Republican of Florida's 6th district (House site, campaign site) is about to do. Stearns, hillariously the Chairman of the Commerce, Trade and Consumer Protection Subcommittee, is pushing through HR 4127, named [ahem] the Data Accountability and Trust Act (DATA). This is a boondoggle for big business and eliminates consumer notification requirements that 19 states have put on in case of a security breach at, say a credit card company or an Internet service provider (such as Yahoo or Microsoft) or any company that stores consumer data. Microsoft, Yahoo, and Entrust are supporting this bill; the Consumers Union is strongly opposed. True to each political party's vision, Stearn's subcommittee passed this by a party-line 13-8 vote. Let me follow up about a California law that is the Gold Standard, the details and problems of HR 4127, and some measure of how to stop this (the usual yada yada about contacting the whole Energy and Commerce committee). I was first drawn to this particular story from a Security Watch email from CNet News.com, a respected technology news and software resource. Senior Editor Robert Vamosi wrote a great article, titled Congress Loves Identity Theves, outlining the threats posed by HR 4127, and pointing out that a much better and stronger senate version, S. 1789, appears to be stalled. Vamosi talks about a California law that Congressional action would override (Stearns is trying to establish national standards and eliminating state ones in order to get data mining companies on board), California SB 1386, that was enacted into law in 2003. I will let Vamosi describe it for you:

Passed in 2003, California law SB 1386 states that any organization conducting business with California residents must notify those individuals if files containing their names, addresses, and other personal information have been breached. Chances are very few of the customers contained within the breached data files have ever suffered actual identity thefts. The numbers, in the millions, are rough estimates of potential victims, not reported ID thefts... For the companies, California SB 1386 revelations have proved embarrassing and costly. For CardSystems, for example, American Express and Visa have pulled their relationship with the card company, and MasterCard is said to be considering similar action.

So basically, the problem data companies have is when they carelessly lose your data, they are forced, in California, to disclose this to the consumers who are affected, and hence it gets in the media and causes them some headache and costs them business. And so they have a solution. Pass a federal law, eliminating that requirement and saving face while they continue to play frisby with your personal data. So what do they do? Again, Vamosi explains:

The House DATA bill would require companies to contact customers only when there is a "reasonable basis to conclude that there is a significant risk of identity theft." No longer would disclosure be automatic or compulsory (with some minor exceptions), as it is under California's SB 1386; instead, whenever a company feels there is a threat to its customers, the company will let you know... Under the DATA law, companies are required to have an individual responsible for personal privacy and to report breaches to the Federal Trade Commission, but public disclosure isn't required. If a tree falls in a forest and no one's around, does it still make a sound? It does if you're the one having your identity stolen. [emphases mine]

David Lazarus of the San Francisco Chronicle agrees, along with California's premier consumer protection lawmaker, Debra Bowen:

"It's outrageous," said state Sen. Debra Bowen, D-Marina del Rey (Los Angeles County), a leading privacy advocate in Sacramento. "The California law is to enable people to protect themselves. If this bill passes, we'll lose that."...

So much for states rights, huh? The Consumers Union, in a letter to Stearn's Subcommitee, explains the problem point by point:

First, its so-called breach trigger for notice to individual consumers is nearly insurmountable. We doubt whether any of the breaches affecting over 50 million Americans in 2005 alone would have required notice had this bill been law. The bill requires a “reasonable basis to conclude that there is a significant risk of identity theft” before individual notice is required. Several problems arise with this “don’t know, don’t tell” construct:

• First, identity thieves often wait for months after a breach before striking, making it difficult for anyone to evaluate the risk to individuals until their identities are already stolen. Stolen data may also be sold to multiple people, putting individuals at greater risk. • Second, if a risk assessment is inescapable, the “significant risk” of the present trigger is simply too high a threshold for notification. Individuals who are at some risk still need to be informed. • Third, the trigger leaves companies off the hook from notification when they do not know whether individuals are at risk. At the very least, companies should have to notify individuals unless they make a written certification to a government agency that individuals are not at risk • Fourth, a trigger that allows the breached entity to decide whether individuals are at risk will not work. The breached entity may have an incentive not to disclose the breach. • Fifth, there are harms other than identity theft that could result from a breach of information, for example, stalking and domestic violence. • Sixth, including a risk standard within the definition of “breach of security” undercuts the definition of a breach.

There you go. Consumers are left at the mercy of when companies believe there is a "reasonable basis to conclude significant risk of identity theft," and an FTC that's part of an administration that will sell out your country to the Chinese in order to benefit their corporate bosses.

Now, is there a better bill in Congress? Yes, there is. It's Senate resolution 1789, sponsored by Sens. Specter, Feinstein, Leahy and Feingold. Vamosi of CNet tells us why 1789 is legislation with some teeth in it:

S 1789 would create one unified law for all 50 states, but it would allow potential ID theft victims to put a seven-year fraud alert on their credit report (currently this is available for actual ID theft victims only). The Senate bill also carries stiff penalties for companies and organizations that fail to inform potential victims of ID theft: the bill asks for $1,000 per individual, not to exceed $50,000 per day per company or organization.

But of course, big business doesn't like it when consumers and the press raise a stink about them losing your data, so that bill is stalled. HR 4127 (the bad, anti-consumer, pro-data-loss bill) now goes before the full Energy and Commerce Committe of the House, chaired by Joe Barton of TX-6th. John Dingell of Michigan is the ranking member of that committee. You can send the full committee your comments, or look up all the members, and contact them individually (especially the Republican ones, as it seems that this is a party-line thing). Oh and if one of these members is your Congressperson, be sure to call their local office, too. I think it's important to let them know these points:

1. YOU want to know whenever there is even a single letter lost from your data stored anywhere. It's YOUR data, and YOU want to know of even what the companies consider small or insignificant breach of your data. YOU get to decide what's significant, not them.
2. Consumer protection and consumers' right to know when their data may be in geopardy trumps data wirehouse big business face-saving.
3. The people's right to know (via the press) when a data company messes up trumps that data company's profit interests.
4. Well intentioned businesses who are doing their best to be reputable with their customers are handicapped if they cannot find out which data companies are unreliable to handle their customers' data. Those businesses do not deserve to be penalized.
5. Whatever law Congress passes, those should be minimum standards, and states must be allowed to impose additional ones as they see fit.

This should be personal for all of us. This has gotten to a point where to feed their corporate interests, Republicans are ready and willing to endanger and greatly expose every American to identity theft and fraud, without them even knowing about it.

Right after Tuesday's Democratic trifecta in California, New Jersey and Virginia, the airwaves filled up with pundits who started discussing how it was either a year of the status quo being preserved, or a year when voters put their foot down on the right wing hijacking of America. I believe the latter. But one thing everyone is ignoring is how the Democratic party has been re-energized, re-organized, and revitalized under the leadership of a chairman elected to head the Democratic National Committee just 9 months ago. Yes, his name is Howard Dean. I want to stress that Tuesday's victories had a lot to do with Howard Dean's management of the party (and the movement that is Howard Dean), and that's why it is the beginning of a new day. First, I will try to give the broad picture, then a short look-back at what's been happening since Dean took over, and lastly the grassroots movement's role in all this. The broad and big picture is this: a year ago, Terry McAuliffe was the Chairman of the Democratic Party and the DNC was nothing but a mouthpiece and a second arm of the Democratic Presidential nominee. A year ago, we had the weakest possible incumbent president in office, and yet failed to oust him from office. A year ago, among all the distrust on the Iraq war and the Plame case looming on the Republicans, they still turned the tables and actually gains seats in Congress. A year ago, Democrats were running around the country like chickens with their heads cut off. A year ago, Californians passed all the initiatives on the ballot backed by Schwarzenegger. And a year later? A year later, California told the governator to shove it. A year later, Democrats just successfully blocked the Republican attempt to deliver tax cuts to the wealthy by taking food away from the mouths of America's children. A year later, not only did Democrats win the governorship of New Jersey by 10 points, they also gained seats in the State Assembly. A year later, a Virginia progressive running on sensible gun legislation and smart investment of taxpayer dollars who openly campaigned proudly on raising taxes on the rich to pay for schools, beat a conservative Republican - in a red state - by 6 points. 6 points might not seem like much, but remember that Bush won the presidential election by a mere 2 to 3 point margin in the popular vote and Republicans called it "historic." A year later, a deep red (70% of the voters are registered Republicans) Pennsylvania school district saw all 8 Republican members of it who supported teaching creationism in science classes thrown out and replaced by 8 Democrats. And oh, a year later, a new chairman reigns in the Democratic National Committee, and the DNC has put paid organizers on the ground in every state. But what has happened in the 9 months since Dean took over that, for a change, gave Democrats a night of victory? Let's look. On February 12, 2005, Howard Dean was elected Chairman of the Democratic party. Dean had run for Chair on a platform of reforming the party and making the Democratic party the party of reform. He promised to put organizers paid by the national party (but working for the state and local grassroots) on the ground in every single state. In the National Organizing Kickoff less than a week away, Dean will announce that he has reached this goal in less time than he was targeting (he promised to have it all up and running in one year, and he has done it in 9 months). Since coming into office, Dean has transformed the DNC from a presidential campaign organization to a grassroots political powerhouse. He instituted Democracy Bonds, a way for rank and file Democrats to contribute $10, $25 a month to build the party and free it from the grips of big money dependency. Using it, ordinary Democrats are coming back in financial control of their party. Dean also revamped the DNC website. Instead of just a website-in-name-only with a shopping cart, the site is now full with a kick-ass blog, focus on constituency communities, an action panel write a letter to the editor, invite your friends to join, even register to vote. The DNC got rank and file Democrats excited and engaged by asking them to take action in emails rather than just donate money. Emails asked us to sign a petition, to volunteer, to write letters to the editor about the outrage of the Iraq war and the Katrina disaster. When Dean asked for money, he told us how he was going to use it: give us 25 bucks now and in a week we will put organizers in 10 more states. Dean became chairman by promising to return the control of the party to the grassroots. And he is delivering on it. The national party is providing resources, and letting local Democrats take the lead in organizing. Under Chairman Dean, the DNC is transforming into a temple of democracy from a bank account. But it isn't just Howard Dean's management. It is also the inspiration that he naturally is. Howard Dean and his team at the DNC has been working hard at it since he took over in February, and us folks in the grassroots in every state that got Dean elected chair never let up for a moment. Dean told us when he was elected chair that he will transform the party from the top down if we will reform it from the bottom up. Grassroots folks took that to heart and got ourselves elected to Assembly District Democratic committees, Democratic County Central Committees, and as State Democratic Delegates and Executive Board Members. And we continue to push for that change from the bottom up. We became active in local campaigns, be it city council, school board, or county commissioner. We organized, wrote letters, we got trained and trained others in campaigns, we started a national conversation, and we showed up everywhere. Even the little red Pennsylvania town named Dover. We are on track to realize Dean's call for us to leave no ground uncontested. This is Howard Dean. As we often said during the presidential campaign, Howard Dean is not just a person. Howard Dean is a movement. It is a movement to change the Democratic Party and making it stand for reform and to take our country back. This is the movement that started with Howard Dean's campaign for president, took new life in his election as DNC Chair, and continues to this day. It is that movement that, at least partly, is responsible for what happened on Tuesday. But this is only the first step. If we have learned anything, it is that in the battle for the country's soul, you can never give up. Eternal vigilance *is* the price of liberty. We have to organize even better, stronger and more trained in order to win compete and win everywhere in 2006, and then in 2008 and beyond. So if you are still sitting their trying to decide what to do, get up and contact your local DFA chapter or a local Democratic club and join in. Transform your party! Take your country back!!

Last night was judgment day for Arnold Schwarzenegger. And California delivered the judgment in a lightening bolt: NO. He lost every single one of the intiatives he campaigned for: 74-77, and he also lost 73 and 78. But why was this defeat so resounding? Why couldn't his team get even a face saving proposition passed? No, this is not the run of the mill TV analysis. There will be plenty of answers to those questions on TV and newspapers and radio and so forth. But here's why we really won: GRASSROOTS. Let me tell you some of my personal experiences. Howard Dean said, "We are a campaign built from mouse pads and shoe leathers." That's what the Alliance for a Better California, California for Democracy, and our allies in every neighborhood put together. Over 12,000 volunteers up and down the state knocked on doors, made phone calls, recruited more volunteers, entered data, hung up door hangers, wrote to editors, and got out the vote. Planned Parenthood and the ACLU did much of the same things to turn down Proposition 73. I was privilaged to be a small part of both these campaigns: Alliance and the Campaign for Teen Safety. And it was an inspiring story of walking, phoning, blogging and being in it together. In the final weekend, we had a rally with Speaker Nunez and we picked up our precinct material and went out knocking on doors. For me personally, it took me Saturday and Sunday to knock on all the doors in my designated precinct. I raved up my bad map reading skills, parked the car and went walking. I got to talk to some people, for others I left literature under the mat and a door hanger on the knob. Some of the people I saw were rude, but most were happy somebody was there to talk to them and answer their questions. It was a rewarding experience with countless "thank you for doing this"s, and a relatively few "it's none of your business"es. One man in particular engaged me in a debate about 77, and after a 20 minute conversation, he told me he had changed his mind and now will vote NO on 77. It was gratifying, satisfying, and those 20 minutes - at the end of the day and my legs were hurting - were the best 20 minutes of the time I walked in the last weekend. I also phone banked with the Campaign for Teen Safety - NO on 73 campaign. That experience was also humbling. People on the other end sometimes were annoyed by the volume of phone calls they were receiving, but most were willing to hear me out. Because I was comfortable talking about teen pregnancy issues candidly with them, they were willing to listen and ask questions. I made as many phone calls as I could in a single night, yet I wasn't robo-calling. I also got on my computer, blogged, exchanged ideas, sent emails, signed people up and got and as a webmasters, provided people with information and tools to get active, find out what's going on and where and who needs our help, and hit the ground running. A few clicks, and I knew what I needed to do that day, that weekend, that week. But a bigger inspiration were the people around me. The other people - some of then union folks, some not - who went through shoes walkinh, who borke their phoning, ate cold pizzas (okay, they weren't always cold) for dinner, who gave far more time than I was able to. All of these people were ordinary Californians who cared about what happens to our society. And all of them believe in something simple: fairness, hard work, and the American dream. Not all of them had the same skill sets, not all of them even agreed on everything. Some were prolific phone bankers and others were outstanding precinct captains, yet others were experts at writing letters to the editor. But all of us were working toward the same goal: protecting and standing with hard working Californians, to make sure those who serve our state every day without thanks are not victimized by runaway political extremists. And so we put together a campaign of epic, grassroots proportions where real people made a difference. Millions of phone calls and millions of walked miles later, we are victorious. Of course all those propositions were bad ideas and bad policies, but Schwarzenegger has pushed bad policies on the ballot through before. This time though, the mouse pads and shoe leathers got in the way.