![]() No federal pre-emptionįederal law should set a floor-not a ceiling-for privacy protection. Congress should empower the FTC-an expert agency once tasked with data privacy regulation-to set and enforce sound security standards. Stronger rule-making authority for the FTCįederal regulators must have the authority and funding to write and enforce consumer privacy rules. The law should prohibit companies from denying services, charging different prices, providing different quality levels, or otherwise discriminating against users who choose more private options. One good way to facilitate better oversight comes from Vermont’s new data privacy law, which requires data brokers to register annually with the government. Worse, many data brokers fail to securely store this sensitive information, predictably leading to data breaches. Data broker registrationĭata brokers harvest and monetize our personal information without our knowledge or consent. Because data harms can be hard to quantify financially, the law should provide statutory or liquidated damages, like it does for illegal wiretapping, where Congress long ago recognized that there should be no requirement to show financial harm in order to recover. We need to ensure a direct, private cause of action for data breaches and other digital privacy harms to give victims a more reasonable day in court than they have now. A strong information fiduciary law would require that companies follow best practices and exercise care to protect user information as a matter of course-not as a negotiated settlement years later. This one is simple: companies that collect your personal information should have a legal duty to protect it. Information fiduciary and national data breach notification rules If Congress wants to protect consumer privacy, it should enact legislation with the following rules and protections. We have said it before and will say it again: without new privacy laws, or a change in how the courts view those harms, companies will not adequately invest in consumer privacy protection. While it’s easy to be angry at the FTC, the problem really lies with the current state of privacy law. ![]() And financial penalties should be high enough to incentivize better data privacy practices in the future. If they don’t, they should pay for the harm that ensues. Consumers intuitively know what EFF has said all along: the companies that store consumer’s personal information-often without their knowledge-have an obligation to protect it. The “unexpected” number of claimants in this case should strongly signal to policymakers that Americans care about the security of their personal data. ![]() Even worse, it instituted a variety of new burdensome, bureaucratic steps required to claim the monetary award to nudge victims away from financial compensation.Ĭonsumers should not have to jump through hoops to receive compensation for serious data privacy harms. The government apparently failed to anticipate that, out of 147 million Americans victims, more than the maximum 248,000 who could have claimed their $125 without reducing the award given to each person would have opted to do so. Nowhere near the $125 they could have gotten if there hadn’t been such an enormous number of claims filed.” In a blog post, the FTC told consumers that, because an “unexpected number” of victims filed claims, “each person who takes the money option will wind up only getting a small amount of money. Less than one week after it announced the settlement, the commission began encouraging consumers to forego the monetary compensation in favor of free credit monitoring, even if they already had it. But we also noted that the $125 payments would come from a $31 million fund, meaning that if all 147 million victims chose the payment, each person’s payment would be reduced on a pro rata basis to as little as 21 cents each. The FTC directed consumers affected by the breach to a third-party website where they could quickly and easily file their claim.Īt the time, EFF tepidly commented on the settlements’ efforts to compensate consumers. After Equifax’s calamitous 2017 data breach, its settlement with the Federal Trade Commission (FTC) and the private attorneys representing victims appears to offer two potential remedies to all 147 million American consumers affected: free credit monitoring, or if individuals already had free credit monitoring, an up to $125 cash payment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |