Re: "The providers should be obliged to report the breach regardless."
I think the proposal as it stands is a way to encourage data-storers to embrace encryption, but it is insufficient, and conflates (at least) two very different problems: loss of data and ability to read it. Both need reporting, as they refer to two aspects of a company's security that customers need to be aware of - I'm unlikely to go with a company that is losing data (even if encrypted) on a regular basis.
In addition, as others have said, there needs to be a minimum level of encryption specified, and yet we know that the minimum will become the standard. This means the black-hats will have an incentive to break it within a very short time - and I'm not sanguine that they won't. Combined with unreported data-breaches (so I don't know to change passwords (or data-storer)), this is not good for me as the consumer.
The idea is well-meant, I think, but it fails to address the issues properly.