Congress

Lawmaker looks to boost FTC power in data breach enforcement

 

Rep. Ted Lieu (D-Calif.) is looking to toughen standards on private sector data breaches. His new bill was released the same day that Equifax announced that an additional 2.4 million Americans had their information stolen from the company, on top of the 145 million it had previously disclosed.

Lieu wants to expand the authority of the Federal Trade Commission in order to protect consumers and take action against companies who lose consumer data in security breaches.

"When companies have access to sensitive personal data, they have a considerable responsibility to keep that data safe," Lieu said in a statement. "Credit reporting agencies must be held accountable when they fail to keep sensitive data safe."

The Protecting Consumer Information Act would expand the enforcement authority of the FTC over credit reporting agencies. The Ending Forced Arbitration for Victims of Data Breaches Act would prevent data firms, such as Equifax, from entering arbitration clauses for lawsuits related to a data breach, and would nullify existing arbitration provisions. It would consider such clauses "unfair and deceptive" business practices under FTC rules.

Lieu's bills join a raft of other legislative proposals to hold companies accountable in the aftermath of data breaches.

In September 2017, after the initial revelation of the Equifax breach, Rep. James Langevin (D-R.I.) reintroduced his Personal Data Notification and Protection Act, for which Lieu was a co-sponsor. Langevin first introduced the bill in March 2015.

Shortly after, Rep. David Cicilline (D-R.I.) introduced a breach notification bill that would widen the scope of what would be considered personal information.

On the Senate side, Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) introduced a bill in January to establish cybersecurity standards for credit bureaus and institute financial penalties targeting firms that are breached. That bill also expands FTC's authority over breaches in the credit-reporting sector.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.