The blogosphere and even the press have made hay out of Sen. Ted Stevens’ explanation of the Internet as a system of tubes. It’s funny, but does it really matter?

Yes:

For example, a bill – the Financial Data Protection Act of 2005 (H.R. 3997) – being considered by the House of Representatives would let the breached company decide whether it should notify customers of a breach; the company would need to notify customers only if it felt the data was going to be misused to cause them financial harm, not under any other conditions. Under this proposal, we will hear less about companies that are sloppy with data. With friends like these in Congress, it might be better to let them continue to fail to deal with the issue and keep the state laws in effect.

Congress fails to grasp security risk ‘Net Insider By Scott Bradner, Network World, 08/14/06

After millions of identities, ranging from those of credit card users to those of most active duty U.S. military personnnel, have been lost or stolen over the last few years, and the only reason we know about most of those breaches is that a California law requires affected companies to report them to the people whose identities they compromised, the best Congress can propose is to let the affected companies decide whether to notify. Continue reading →