Everyone seems to agree that customers should be told if a place they do business with is the victim of a data hack. But there's no agreement on how to go about letting people know about such breaches.
Most states already have laws that require retailers to warn customers that data has been swiped. But there are wide differences in those laws. In one state, customers have to be told right away - but in other states, that isn't so. And since customers may not live in the state where a company's headquarters are located, the rules may vary.
Attorney General Eric Holder has joined the call for a national notification standard. But it's unlikely lawmakers will be able to reach consensus on that this year.