Earlier this year, I wrote about several major data breaches at ChoicePoint, then LexisNexis. Headlines screamed how thousands–and in the case of CardSystems, millions–of individuals had their names, social security numbers, and other personal information exposed to god-knows-who. These revelations came only because of a California law, SB 1386, which requires companies to inform California residents if any data breaches occur. The Senate is currently considering a national version of the California law, but a weaker House of Representatives bill is rapidly gaining influence in Congress. If the House bill passes and becomes law first, future data breach revelations will be silenced, and data thieves will be free to run amok.