Data Breach Prevention and Compensation Act
Introduced by Sens. Elizabeth Warren (D-MA) and Mark Warner (D-VA)
On September 7, 2017, Equifax announced that hackers had stolen sensitive personal information
– including Social Security numbers, birth dates, credit card numbers, and driver’s license
numbers – for as many as 143 million Americans. The attack highlighted that credit reporting
agencies (CRAs) hold vast amounts of data on millions of Americans and lack adequate
safeguards against hackers. Press reports and cybersecurity experts identified a number of
security lapses at Equifax – including in the days following the company’s disclosure of the
breach – which potentially indicate a pattern of security failings.
The Data Breach Prevention and Compensation Act addresses this problem by giving the
Federal Trade Commission more direct supervisory authority over data security at CRAs and
imposing a strict liability penalty regime that will incentivize the largest agencies to adequately
protect consumer data and automatically compensate consumers for stolen data. Specifically, the
bill:
• Imposes strict liability penalties for breaches involving consumer data at credit reporting
agencies. CRAs – including Equifax – currently face no mandated penalty for allowing
consumer data to get stolen after they have collected it without consent. This bill would
impose mandatory, strict liability penalties for breaches of consumer data at CRAs,
beginning with a base penalty of $100 for each consumer who had one piece of personal
identifying information (PII) compromised, with an additional $50 for each additional
piece of PII compromised per consumer. The bill caps the penalty at a maximum of 50%
of the CRA’s gross revenue from the prior year.
• Ensures robust recovery for affected consumers. Under current law, it is difficult for
consumers to get compensation when their personal data is stolen. Typical awards range
from $1 to $2 per consumer. This bill requires the FTC to use 50% of its penalty to
compensate consumers.
• Establishes an Office of Cybersecurity at the FTC that is tasked with annual inspections
and supervision of cybersecurity at CRAs. The FTC currently does not have adequate
authority or resources to monitor data security practices at CRAs. This bill establishes a
Director and Office of Cybersecurity that would conduct cybersecurity inspections at
CRAs and authorizes the FTC to promulgate new regulations outlining effective data
security standards for CRAs.
• Increases penalties for cases of woefully inadequate cybersecurity or failure to notify.
The bill would double the automatic per-consumer penalties and increase the maximum
penalty to 75% of the CRA’s gross revenue in cases where the offending CRA fails to
comply with the FTC’s data security standards or fails to timely notify the agency of a
breach.
You might also like
- Testimony: "Fair Credit Reporting Act: How It Functions For Consumers and The Economy" (2007)Document40 pagesTestimony: "Fair Credit Reporting Act: How It Functions For Consumers and The Economy" (2007)Jillian SheridanNo ratings yet
- Backgroud Screening Danilo Torres WalmartDocument22 pagesBackgroud Screening Danilo Torres WalmartDanilo TorresNo ratings yet
- Employee Background CheckDocument23 pagesEmployee Background CheckJaker SauravNo ratings yet
- Question Bank Lab Test FCPDocument9 pagesQuestion Bank Lab Test FCPRoslina JaafarNo ratings yet
- Programming Assignment Unit 6 1Document13 pagesProgramming Assignment Unit 6 1Majd HaddadNo ratings yet
- 5 25 2011secfactsheetDocument4 pages5 25 2011secfactsheetGovtfraudlawyerNo ratings yet
- Data Breach Prevention and Compensation Statements of SupportDocument1 pageData Breach Prevention and Compensation Statements of SupportMarkWarnerNo ratings yet
- US FTC Privacy and Data Security Update 2017Document22 pagesUS FTC Privacy and Data Security Update 2017Konstantin S. TrusevichNo ratings yet
- SB2061 Harms and Costs - MIRA SummaryDocument7 pagesSB2061 Harms and Costs - MIRA SummaryVotoBostonNo ratings yet
- CD Ws Security So 32672 e Guide 120310Document8 pagesCD Ws Security So 32672 e Guide 120310Eduardo Martinez CoronaNo ratings yet
- Privacy Definition of TermsDocument37 pagesPrivacy Definition of TermsmarjNo ratings yet
- Experiment Title.: Case StudyDocument5 pagesExperiment Title.: Case StudyDraKon GamingNo ratings yet
- Consumer IssuesDocument67 pagesConsumer IssuesWarriorpoet100% (2)
- Further Look at New Dodd-Frank RulesDocument3 pagesFurther Look at New Dodd-Frank Rulesjkopel6221No ratings yet
- Flyer 2Document2 pagesFlyer 2api-328607187No ratings yet
- BJ Fashion Security BreachDocument12 pagesBJ Fashion Security BreachShah ShahriarNo ratings yet
- Agency:: OCC: Patrick Kelly, Director, Critical Infrastructure Policy, (202) 649-5519, Carl KaminskiDocument54 pagesAgency:: OCC: Patrick Kelly, Director, Critical Infrastructure Policy, (202) 649-5519, Carl KaminskimereklicksNo ratings yet
- David Bier - E-Verify Mandate Is Costly For Businesses and WorkersDocument4 pagesDavid Bier - E-Verify Mandate Is Costly For Businesses and WorkersCompetitive Enterprise InstituteNo ratings yet
- Any Controversies or IssuesDocument8 pagesAny Controversies or IssuesLapcan LaciNo ratings yet
- Network Security and PrivacyDocument8 pagesNetwork Security and PrivacyAjith PathiranaNo ratings yet
- Equifax Data Breach - A Case StudyDocument8 pagesEquifax Data Breach - A Case Studyprateen.ravikumar2No ratings yet
- Internet Banking Customer Awareness ProgramDocument2 pagesInternet Banking Customer Awareness ProgramAjin LalNo ratings yet
- 597 EdgeWave FinanceDocument10 pages597 EdgeWave FinanceJishnu MithreNo ratings yet
- Opposition Letter To SB 76 California Do Not Track BillDocument6 pagesOpposition Letter To SB 76 California Do Not Track Bills_klineNo ratings yet
- IT Failures and Cyber Attacks On Middle East Companies Highlight Data Risks of Outsourcing - Norton Rose FulbrightDocument2 pagesIT Failures and Cyber Attacks On Middle East Companies Highlight Data Risks of Outsourcing - Norton Rose FulbrightshajeerpcNo ratings yet
- Biancuzzo The Convergence of Law and Cybersecurity Nuix 3 7 2018Document3 pagesBiancuzzo The Convergence of Law and Cybersecurity Nuix 3 7 2018vv2285307No ratings yet
- 17ACT CyberGuideDocument8 pages17ACT CyberGuideleo5880No ratings yet
- Managing Data Compliance RiskDocument4 pagesManaging Data Compliance RiskthareNo ratings yet
- Seen and (Mostly) UnseenDocument16 pagesSeen and (Mostly) UnseenCenter for American ProgressNo ratings yet
- Credit Information Systems: US1DOCS 4781095v3Document8 pagesCredit Information Systems: US1DOCS 4781095v3Marcus MonocayNo ratings yet
- 21BPH018 - Cyber Security ProjectDocument8 pages21BPH018 - Cyber Security Project21bph018No ratings yet
- 2019 Privacy Data Security Report 508Document20 pages2019 Privacy Data Security Report 508Richard WilliamsNo ratings yet
- Cyber Laws&ForensicDocument20 pagesCyber Laws&ForensicJohn CenaNo ratings yet
- Q1: Homework (Week 10 Application) 2-3 Pages 3 References: Cyber Security VL Case StudyDocument17 pagesQ1: Homework (Week 10 Application) 2-3 Pages 3 References: Cyber Security VL Case StudyFarhan Sheikh MuhammadNo ratings yet
- Case Study Equifax Data BreachDocument6 pagesCase Study Equifax Data Breachhuyencute1701No ratings yet
- AIS Chapter 11 Case 1-3Document7 pagesAIS Chapter 11 Case 1-3Harold Dela Fuente100% (1)
- d0T03zVTR2dE9N81f0dAQ Compliance and Security 6Document3 pagesd0T03zVTR2dE9N81f0dAQ Compliance and Security 6Данила ВильховийNo ratings yet
- 00093-20040819 OSPBestPracticesDocument6 pages00093-20040819 OSPBestPracticeslegalmattersNo ratings yet
- Herbert Smith Freehills - Global Law Firm - Cyber Security Case Study - 2019-04-29 PDFDocument4 pagesHerbert Smith Freehills - Global Law Firm - Cyber Security Case Study - 2019-04-29 PDFAlina DamaschinNo ratings yet
- Creditcard SurveyDocument8 pagesCreditcard SurveyManmeet SinghNo ratings yet
- What Common Law and Common Sense Teach Us About Corporate CyberseDocument30 pagesWhat Common Law and Common Sense Teach Us About Corporate CyberseAnnikaNo ratings yet
- Rice-Consumer Protection AgendaDocument6 pagesRice-Consumer Protection AgendaCeleste KatzNo ratings yet
- Rice-Consumer Protection AgendaDocument6 pagesRice-Consumer Protection AgendadfreedlanderNo ratings yet
- Fair CollectionDocument65 pagesFair CollectionApurva NadkarniNo ratings yet
- Law Social Inquiry - 2017 - Talesh - Data Breach Privacy and Cyber Insurance How Insurance Companies Act AsDocument24 pagesLaw Social Inquiry - 2017 - Talesh - Data Breach Privacy and Cyber Insurance How Insurance Companies Act AsThe Xyrot PirateNo ratings yet
- 2013 Data Privacy ReportDocument11 pages2013 Data Privacy ReportJim KinneyNo ratings yet
- Abagnale Fraud Bulletin Vol 14Document24 pagesAbagnale Fraud Bulletin Vol 14O. Ch. Gabriel J.No ratings yet
- SafariDocument34 pagesSafariMyisha ReneeNo ratings yet
- Cyber Insurance Application: No. S-50191032M/2Document4 pagesCyber Insurance Application: No. S-50191032M/2marNo ratings yet
- Equifax Data Breach - Macey BlackDocument4 pagesEquifax Data Breach - Macey Blacksola.blackburnNo ratings yet
- Building A Better Credit ReportDocument24 pagesBuilding A Better Credit Reportcolonelcash100% (2)
- Ofac Ransomware AdvisoryDocument6 pagesOfac Ransomware AdvisoryBrian HennigNo ratings yet
- Generic Form Preview DocumentDocument4 pagesGeneric Form Preview Documentelena.69.mxNo ratings yet
- Research Paper On Electronic Fund TransferDocument4 pagesResearch Paper On Electronic Fund Transferwzsatbcnd100% (1)
- Data Protection United StatesDocument10 pagesData Protection United Statesaquinas03No ratings yet
- Stuart K. Pratt Consumer Data Industry Association Washington, D.CDocument22 pagesStuart K. Pratt Consumer Data Industry Association Washington, D.CgyistarNo ratings yet
- Jack Fekete - The Paper - 3022856Document20 pagesJack Fekete - The Paper - 3022856api-597162508No ratings yet
- Lawful Access: NDP MP Charlie Angus' Letter To Public Safety Minister Vic ToewsDocument4 pagesLawful Access: NDP MP Charlie Angus' Letter To Public Safety Minister Vic ToewsOpenMedia_caNo ratings yet
- Uilding A Etter Redit: EportDocument24 pagesUilding A Etter Redit: EportKirit DeyNo ratings yet
- Public Policy Principles For Electronic Commerce and InsuranceDocument8 pagesPublic Policy Principles For Electronic Commerce and Insuranceb_1980b2148No ratings yet
- EatStreet Delivery r3prfDocument4 pagesEatStreet Delivery r3prfCatalin Cimpanu [ZDNet]No ratings yet
- SEC Whistleblower Program: Tips from SEC Whistleblower Attorneys to Maximize an SEC Whistleblower AwardFrom EverandSEC Whistleblower Program: Tips from SEC Whistleblower Attorneys to Maximize an SEC Whistleblower AwardNo ratings yet
- Insurance Commission Signed LetterDocument2 pagesInsurance Commission Signed LetterMarkWarnerNo ratings yet
- Signed Pre-Ex LetterDocument4 pagesSigned Pre-Ex LetterMarkWarner100% (1)
- Resolution Honoring Hispanic Heritage MonthDocument6 pagesResolution Honoring Hispanic Heritage MonthMarkWarnerNo ratings yet
- GOE19968Document17 pagesGOE19968MarkWarner100% (1)
- Deepfakes Letter To TwitchDocument2 pagesDeepfakes Letter To TwitchMarkWarnerNo ratings yet
- Deepfakes Letter To PinterestDocument2 pagesDeepfakes Letter To PinterestMarkWarnerNo ratings yet
- Deepfakes Letter To TumblrDocument2 pagesDeepfakes Letter To TumblrMarkWarnerNo ratings yet
- 9.25.19 Letter To AgriLogic Industrial Hemp Crop InsuranceDocument2 pages9.25.19 Letter To AgriLogic Industrial Hemp Crop InsuranceMarkWarnerNo ratings yet
- Deepfakes Letter To YouTubeDocument2 pagesDeepfakes Letter To YouTubeMarkWarnerNo ratings yet
- Deepfakes Letter To TikTokDocument2 pagesDeepfakes Letter To TikTokMarkWarnerNo ratings yet
- MCG 19647 LatestDocument3 pagesMCG 19647 LatestMarkWarnerNo ratings yet
- ILLICIT CASH Act, As IntroducedDocument133 pagesILLICIT CASH Act, As IntroducedMarkWarner100% (1)
- The Illicit Cash Act One PagerDocument2 pagesThe Illicit Cash Act One PagerMarkWarner100% (1)
- MCG 19610Document3 pagesMCG 19610MarkWarnerNo ratings yet
- 2019.09.23 Warner USIP China SpeechDocument13 pages2019.09.23 Warner USIP China SpeechMarkWarnerNo ratings yet
- Letter To Congressional Leadership Re Miners Healthcare and PensionsDocument2 pagesLetter To Congressional Leadership Re Miners Healthcare and PensionsMarkWarnerNo ratings yet
- MobileXUSA Letter23Document2 pagesMobileXUSA Letter23MarkWarnerNo ratings yet
- US Customs and Border Protection Contractor Breach LetterDocument2 pagesUS Customs and Border Protection Contractor Breach LetterMarkWarner0% (1)
- President VCWarner 31JUL19Document2 pagesPresident VCWarner 31JUL19MarkWarnerNo ratings yet
- Letter To DOJDocument1 pageLetter To DOJMarkWarnerNo ratings yet
- CPSC Correspondence Re Beach UmbrellasDocument4 pagesCPSC Correspondence Re Beach UmbrellasMarkWarnerNo ratings yet
- Letter To EsperDocument2 pagesLetter To EsperMarkWarnerNo ratings yet
- 1532748281262Document31 pages1532748281262FranciscoNo ratings yet
- Math Rs Main QuestionDocument4 pagesMath Rs Main QuestionYoutube PremiumNo ratings yet
- What Is Webex Calling Sales Module GuideDocument3 pagesWhat Is Webex Calling Sales Module Guidesuhas555No ratings yet
- WebQual An Exploration of Website QualityDocument9 pagesWebQual An Exploration of Website QualityArmiasthoMiazNo ratings yet
- Cs 6212 ManualDocument96 pagesCs 6212 ManualVishnu KumarNo ratings yet
- Ii Ece B I SemDocument52 pagesIi Ece B I SemElectronics & communication engineering AstcNo ratings yet
- S1200CPU LAxesGrpCtrl DOC v11 enDocument62 pagesS1200CPU LAxesGrpCtrl DOC v11 enDavid JimenezNo ratings yet
- Cover Letter Examples For Every Type of Job Seeker - The MuseDocument14 pagesCover Letter Examples For Every Type of Job Seeker - The MuseJimmyNo ratings yet
- Manual Cantar Electronic Dibal VD-310Document34 pagesManual Cantar Electronic Dibal VD-310Prima VD50% (2)
- The Supplement Handbook: A Trusted Expert's Guide To What Works & What's Worthless For More Than 100 ConditionsDocument4 pagesThe Supplement Handbook: A Trusted Expert's Guide To What Works & What's Worthless For More Than 100 ConditionsMelissa STanNo ratings yet
- LMF Planning AreaDocument1 pageLMF Planning AreaKSNV News3LVNo ratings yet
- Modicon M258 - XBTZ9008Document2 pagesModicon M258 - XBTZ9008Andrian Fathurohman PermanaNo ratings yet
- 43-TV-25-30 Manuel MinirendDocument444 pages43-TV-25-30 Manuel MinirendFamc CmafNo ratings yet
- MEC101 C3 - Eng. Soln.Document24 pagesMEC101 C3 - Eng. Soln.kamalNo ratings yet
- ManuscriptDocument8 pagesManuscriptSebastianNo ratings yet
- Advanced Strategic ManagementDocument110 pagesAdvanced Strategic ManagementDr Rushen SinghNo ratings yet
- 4hana 1909Document60 pages4hana 1909ddharNo ratings yet
- Chapter 1 Introduction To ComputersDocument10 pagesChapter 1 Introduction To ComputersKate GuerreroNo ratings yet
- Panasonic Pi hl1104xk Digital Video RecorderDocument1 pagePanasonic Pi hl1104xk Digital Video Recorderknown knownNo ratings yet
- A Smart Bus Tracking System Based On Location-Aware Services and QR Codes 4Document5 pagesA Smart Bus Tracking System Based On Location-Aware Services and QR Codes 4Amanuel SeidNo ratings yet
- IELTS Practice Test 12 Writing AcDocument9 pagesIELTS Practice Test 12 Writing Achoward blaineNo ratings yet
- Image Enhancement RestorationDocument74 pagesImage Enhancement RestorationDarsh Singh0% (1)
- SAP QM Calibration MethodDocument3 pagesSAP QM Calibration MethodvrkattulaNo ratings yet
- KauneDocument7 pagesKauneEnos Marcos Bastos100% (1)
- 9tut Q&aDocument40 pages9tut Q&alucaluca2No ratings yet
- BSNL VMC AN1020-21 (Detailed Visual Guide)Document14 pagesBSNL VMC AN1020-21 (Detailed Visual Guide)Nagaraju Gunturu100% (1)
- Business Analyst JobDocument9 pagesBusiness Analyst JobEdmond KeraNo ratings yet
- Accenture Methodology Training Part 01Document12 pagesAccenture Methodology Training Part 01Christophe MarinoNo ratings yet
