Last week, the U.S. senator for New York Kirsten Gillibrand released draft legislation regarding data protection in order to establish an independent data protection agency in the country. If the law is passed, it will apply to any company with revenues over $25 million, or which manage the personal data of 50,000 or more people. In her opinion, the FTC Act does not address data protection challenges and the U.S. lags behind in addressing data protection challenges and many other challenges of this digital age as we do not even have a specific department to handle the data privacy rules. According to her blog,
“My legislation would establish an independent federal agency, the Data Protection Agency, that would serve as a ‘referee’ to define, arbitrate, and enforce rules to defend the protection of our personal data.”
Since the FTC Act does not fine for privacy violations immediately but does send a consent decree to the violator and make them promise that they will not violate rules again. In this case, the fines will be issued when the company violates that consent decree. Because of this rule, Facebook was fined $5 billion for privacy infraction in 2011 8 years later. Therefore, Gillibrand believes that FTC is not sufficient in solving privacy issues, and a federal data protection agency is needed to take the task with 3 core missions:
1. Enforcing data protection rules and give Americans control over their own data. In this case, the Authorities can not only conduct investigations and share their findings but also impose civil penalties.
2. Aiming at promoting privacy innovations, which include minimizing or eliminating the technologies that collect personal data.
3. Preparing the American government for the digital age by advising on emerging privacy issues and representing the US at international privacy forums.
Contact LIFARS Immediately for
Your Cybersecurity Mitigation Plans