Senator Ron Wyden of Oregon

Senate Bill Would Impose Steep Fines, Potential Jail Time For Executives Who Violate Data Privacy Rules

Sen. Ron Wyden, a staunch advocate of increased cybersecurity regulations, introduced the legislation as part of an effort to track how companies collect and share customer data.

Sen. Ron Wyden (D-Oregon), an outspoken advocate of increased data privacy and cybersecurity regulations, has introduced legislation that would empower the Federal Trade Commission to impose “steep fines” on companies for data breaches and lax cybersecurity practices. 

Under Wyden’s proposal, called “The Mind Your Own Business Act,” corporations could be fined up to 4 percent of annual revenue on their first offense. Company executives could face 10 to 20-year criminal penalties if they knowingly lied to the FTC. These measures would make the commision an “effective cop on the beat,” Wyden said in an Oct. 17 announcement

“Mark Zuckerberg won’t take Americans’ privacy seriously unless he feels personal consequences,” Wyden said in a statement targeting the Facebook CEO. “A slap on the wrist from the FTC won’t do the job, so under my bill he’d face jail time for lying to the government.” 

Currently, the FTC has the ability to sue businesses after a data breach if their cybersecurity standards were inadequate, but the agency cannot outline what those standards are beforehand, The Washington Post reported. The FTC also cannot issue fines unless corporations violate earlier agreements with the government to fix their cybersecurity issues. 

Wyden’s bill would allow the commission to go after companies that have not signed those agreements, meaning that “first-time offenders” could face penalties. A draft of the legislation was circulated last November, giving Wyden time to integrate feedback, he said. 

In addition to the FTC provisions, the bill would create a national “Do Not Track” system that lets consumers opt out of companies tracking their activity on the web, selling or sharing their data, and targeting ads based on that information. Consumers would have a way to review what personal information has been collected about them and which companies have accessed it. 

“I spent the past year listening to experts and strengthening the protections in my bill,” Wyden said. “It is based on three basic ideas: Consumers must be able to control their own private information, companies must provide vastly more transparency about how they use and share our data, and corporate executives need to be held personally responsible when they lie about protecting our personal information.”

A more moderate version of the bill has gained momentum in the House of Representatives, where the Democrats hold the majority. While the Information Transparency and Personal Data Control Act would give consumers the ability to opt out of data collection, storage and sharing, it does not include provisions for executive jail time or the potential for states to pass their own laws. 

The bill, sponsored by Democratic Rep. Suzan DelBene of Washington, earned the support of a group of centrist Democrats earlier this week. Under the law, the FTC would have more authority to pursue data privacy violations. 

“I’m very pleased this critical legislation has received the support of my New Democrat colleagues,” DelBene said in a statement reported by The Hill. "Our coalition is about finding solutions to tough problems, and my legislation is an important step toward ensuring that consumers have more control over their most sensitive information.” 

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3