A new effort is underway on Capitol Hill to reintroduce the Data Breach Prevention and Compensation Act
, which is designed to create a new level of accountability for large credit reporting agencies that were hit with data breaches involving consumer data.
The bill would provide the Federal Trade Commission (FTC) with more direct supervisory authority and the ability to enact mandatory penalties at the agencies that suffer a lapse in data security. The FTC would also be mandated to establish an Office of Cybersecurity to conduct annual inspections and supervision of cybersecurity at the agencies.
The bill’s co-sponsors, which include Sen. Elizabeth Warren (D-MA), insist that Equifax would have been fined at least $1.5 billion in penalties for its 2017 data breach
had this bill been law at the time.
"It's been nearly two years since Equifax put more than half of the adults in this country at risk by opening the doors to hackers, and this new report shows that this problem is far from fixed," said Warren. "Our bill would hold companies like Equifax accountable for failing to protect consumer data, compensate consumers injured by these breaches, and help ensure that these breaches never happen again."
Last year, Sen. Warren led a group of Democratic senators
in documenting what they claim to be “the first comprehensive review of consumer complaints in the wake of the 2017 Equifax breach,” criticizing how the Consumer Financial Protection Bureau (CFPB) responded to the data breach.