Marriott attack adds urgency to calls for tougher privacy laws in US

Democratic senators are demanding tougher data privacy laws and bigger fines in the States for organisations that fall short in their duty to safeguard user data, the Inquirer reports.

 The calls follow revelations of a hack suffered by the Marriott hotel chain that may have compromised the personal data of up to 500 million of the organisation’s customers.

Senator Richard Blumenthal tweeted:

“We must set clear customer data protection standards for all companies — whether they’re hotel chains, online retailers, or big tech — and severe penalties for those who fall short.”

Congress has come under increased pressure for more stringent data security legislation through the encouragement of Senators Mark Warner and Ed Markey, who have insisted that limits need to be put in place on how much user data companies in the States are permitted to store.

Another politician, Senator Ron Wyden pushed further, stating that senior executives who do not respond to the need to protect customer data should receive prison sentences.

Record-breaking data breaches

Last week news broke of a hack on Marriott International’s Starwood network that had been going on since 2014.

W Hotels, Sheraton, Le Le Méridien and Four Points by Sheraton are among the hotels operated under the Starwood brand, which holds more than 5,800 properties.

The database that was accessed is believed to hold the records of up to 500 million users – a breach that potentially ranks among the most significant in consumer data history.

Mounting pressure

Now more lawmakers and figures of influence in the US are turning their gaze towards the example set by the EU’s General Data Protection Regulation (GDPR) which can issue huge fines to companies that fail to live up to new standards in data security.

GDPR was hailed by Apple’s chief executive, Tim Cook, during his keynote in Brussels last month, where he called for a “comprehensive federal privacy law”.

Audience members at the 40th International Conference of Data Protection and Privacy Commissioners heard the tech boss describe privacy as “a fundamental human right”, a tone which is being taken up by more politicians in the US.

Taking to Twitter, Senator Wyden spoke of the need for “harsh fines and prison terms” for organisations that do not handle consumer data responsibly.

Now being drafted for introduction in the New Year is a bill to establish a new office with the Federal Trade Commission.

Named the Bureau of Technology, the proposed office would have new powers to leverage against businesses for inadequate data management behaviours, and would bring regulation to a largely “unregulated market for private data.”

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.