"Network Solutions has begun notifying affected stores by e-mail and postal mail, and it is offering to notify the stores' customers as well. Forty-five states and the District of Columbia have enacted laws requiring customer notification when a data breach or loss jeopardizes the security of information, but the rules for complying with those laws differ from state to state. "We feel terribly about it, to burden them with the notification process, which can be kind of tricky because there is no one federal data breach statute," Wade said."

Actually, Ms. Wade, it is quite simple-- tell them to comply with the strongest state law and they will be in compliance with all of them. We're worried that industry, by the way, will convince Congress to pass a weaker data breach notification and preempt the better ones.

Consumers: this is why I would never, ever, use a debit card, especially on the Internet. With a debit card, fraud occurs against your own checking account and the law supposedly protecting you -- the Electronic Fund Transfer Act is weak. Plus, it's your own money you're missing until when and if the bank refunds it. Fraud against a credit card, on the other hand, is covered by the stronger Truth In Lending Act and the bank has a greater incentive to work hard to stop it. All plastic should be protected the same way credit cards are. If we get a new consumer agency, that could be one of its first efforts.