Prison for Execs for Data Breaches – Gotta Love It!
I love this bill. According to an article in Security Week, Democrat Senator Ron Wyden released a draft bill named the Consumer Data Protection Act of 2018. It aims to give consumers control over their data, including how it’s sold or shared, and gives the US Federal Trade Commission (FTC) the power to issue fines and other penalties. So far, I am all for it.
According to the article, “In its current form, the legislation empowers the FTC to establish minimum privacy and security standards, issue fines of up to 4 percent of an offending company’s annual revenue (similar to the EU’s GDPR), and even prison terms ranging between 10 and 20 years for senior executives. The agency would be given the resources necessary to hire 175 individuals to ‘police’ the market for private data.” Did you catch that – prison terms between 10 and 20 years for senior execs, whoo-hoo!
The bill also provides a ‘do not track’ system and tools for consumers to review the information a company has stored on them, and to find out who it has been shared with. That last one is rather interesting, as consumers have the right to check, I guess, the company’s database to search for their own information? Nice idea, but somewhat pie in the sky. That’s ok, I’ll accept the prison terms.
I have had my personal data hacked too many times – food company, checking account, emergency room, shoe retailer, and who knows which other organizations that don’t want to admit it. I think many US companies are led by some execs who are just lacking in ethics and scruples. Or maybe they are just lax and don’t feel they are accountable for safeguarding our personal information. Or even worse, don’t know how to do it.
Will the bill get passed? Of course not, but I can dream. Some of it mimics General Data Protection Regulation (GDPR), which is a good thing. Do you think it’s going too far?