12 January 2015
Last updated at 15:04
Retailer Target was just one of several US stores to suffer large-scale data breaches
US President Barack Obama is set to propose three new laws that all deal with the way data is handled.
One will require companies to let customers know within 30 days if their personal information went astray in a data breach.
Another will attempt to give people more control over what can be done with the data companies gather about them.
The third law would ban educational software makers from selling data they collect from students.
The proposal on data breaches comes after a year in which many large US retailers, including Target, Home Depot, Staples and Sears, were hit by cyber-thieves keen to scoop up payment-card data.
To become US law, the proposal must get through the US Congress. Currently, different states have different disclosure regimes, many of which are more than 10 years old.
On data privacy, Mr Obama is believed to want to resurrect a “consumer privacy bill of rights” that was first proposed in 2012 and which would ensure consumers are consulted before data gathered from their online activity is analysed or sold.
Exact details of the proposals will come to light during a speech Mr Obama is due to make at the US Federal Trade Commission on 12 January. The speech will act as a preview of the State of the Union speech Mr Obama is scheduled to give on 20 January.