Proposed law would impose huge fines for credit reporting agency data breaches
New legislation being pushed by two Senate Democrats would give the Federal Trade Commission the power to fine credit reporting agencies that fail to protect consumer information from data breaches.
The legislation, called the Data Breach Prevention and Compensation Act 2018, was proposed today by Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) in response to the high-profile hacking of credit reporting agency Equifax Inc. in 2017.
Under the draft law, the FTC would create an Office of Cybersecurity that would be responsible for reviewing and inspecting credit reporting agencies. In the event that a data breach does occur and the reporting agency is found to have been remiss in making reasonable attempts to secure the data, the agency would be fined $100 per hacked record with a maximum payout set at 50 percent of the agency’s gross revenue from the previous year.
“Under this legislation, Equifax would have had to pay at least a $1.5 billion penalty for their failure to protect Americans’ personal information,” Senator Warren said in a statement. “To ensure robust recovery for affected consumers, the bill would also require the FTC to use 50 percent of its penalty to compensate consumers and would increase penalties in cases of woefully inadequate cybersecurity or if a CRA fails to timely notify the FTC of a breach.”
Ken Spinner, vice president of field engineering at the data security firm Varonis Systems Inc., told SiliconANGLE that he believes the act doesn’t go far enough to cover the “thousands upon thousands of other major organizations and the millions of customer files” under their control.
“It’s impossible to avoid the regular drumbeat of breaches in the news. Consumers are simply getting fed up,” Spinner said. “Companies that have spent millions to gain customers and win their loyalty can find those gains wiped out overnight once a breach hits. We’ve got a long way to go before the U.S. adopts measures like EU’s Data Protection Act, but it’s encouraging to see some movement, at least on paper, in the wake of last year’s devastating attacks.”
It’s not clear whether the proposed law will obtain broader support in the Republican-controlled Senate, but it has been endorsed by a number of consumer advocacy groups, including the U.S. Public Interest Research Group, the Electronic Privacy Information Center and the Consumer Federation of America.