Bill SponsorBILLSPONSOR
Bill Sponsor
Politicians
Bills
Senate Bill 84
116th Congress(2019-2020)
Small Business Credit Protection Act
Introduced
Introduced
Introduced in Senate on Jan 10, 2019
Overview
Text
Introduced in Senate 
Jan 10, 2019
Not Scanned for Linkage
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Introduced in Senate(Jan 10, 2019)
Jan 10, 2019
Not Scanned for Linkage
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Jump To
S. 84 (Introduced-in-Senate)


116th CONGRESS
1st Session
S. 84


To amend the Small Business Act to require that consumer reporting agencies and other credit reporting companies provide certain protections to small businesses, and for other purposes.

IN THE SENATE OF THE UNITED STATES

January 10, 2019

Mr. Rubio (for himself, Mr. Kennedy, Mr. Coons, and Mr. Jones) introduced the following bill; which was read twice and referred to the Committee on Small Business and Entrepreneurship

A BILL

To amend the Small Business Act to require that consumer reporting agencies and other credit reporting companies provide certain protections to small businesses, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “Small Business Credit Protection Act”.

SEC. 2. Data breaches.

(a) In general.—The Small Business Act (15 U.S.C. 631 et seq.) is amended—

(1) by redesignating section 49 (15 U.S.C. 631 note) as section 50; and

(2) by inserting after section 48 (15 U.S.C. 657u) the following:

“SEC. 49. Data breaches.

“(a) Definition.—In this section, the term ‘credit reporting company’—

“(1) has the meaning given the term ‘consumer reporting agency’ in section 603 of the Fair Credit Reporting Act (15 U.S.C. 1681a); and

“(2) includes an entity that collects commercial credit data.

“(b) Requirements for reporting breaches.—

“(1) APPLICABLE STATE LAW.—

“(A) IN GENERAL.—Except as provided in paragraph (2), if nonpublic data of a small business concern that is collected or stored by a credit reporting company has been breached, the credit reporting company shall report the breach promptly and not later than as required under the law of the State in which the small business concern is located.

“(B) LOCATIONS IN MULTIPLE STATES.—If a small business concern that is affected by a breach described in subparagraph (A) has locations in more than 1 State, for the purposes of that subparagraph, the law of the State that imposes the shortest period for the reporting of the breach shall apply.

“(2) EXCEPTION.—

“(A) IN GENERAL.—If a small business concern that is affected by a breach described in paragraph (1)(A) is located in a State that does not have a law that imposes a set period for the reporting of the breach, the credit reporting company to which the requirement under that paragraph applies shall report the breach in the most expeditious manner practicable and without unreasonable delay.

“(B) RULE OF CONSTRUCTION REGARDING A LAW ENFORCEMENT REQUEST.—For the purposes of subparagraph (A), a delay with respect to the reporting of a breach described in that subparagraph that is caused by a requirement to respond to a request submitted by a law enforcement agency shall be construed to be a reasonable delay.

“(c) Prohibition.—During the 180-day period beginning on the date on which a breach described in subsection (b)(1)(A) occurs, a credit reporting company may not charge a small business concern that is affected by that breach for providing the small business concern with the credit report of the small business concern.

“(d) No preemption.—Nothing in this section shall preempt any State law with respect to credit reporting companies.”.

(b) GAO report.—

(1) DEFINITIONS.—In this subsection—

(A) the term “credit reporting company”—

(i) has the meaning given the term “consumer reporting agency” in section 603 of the Fair Credit Reporting Act (15 U.S.C. 1681a); and

(ii) includes an entity that collects commercial credit data; and

(B) the term “small business concern” has the meaning given the term in section 3(a) of the Small Business Act (15 U.S.C. 632(a)).

(2) REPORT.—Not later than 1 year after the date of enactment of this Act, the Comptroller General of the United States shall submit to Congress a report regarding the economic harm incurred by small business concerns as a result of data breaches at credit reporting companies.