Recently, Google boss, Sundar Pichai faced a barrage of data security questions before the House Judiciary Committee over perceived bias of Google’s search engine and products against conservatives.
As proposed by Senator Brian Schatz, Amy Klobuchar and Cory Booker, along with over ten further supporters, the Data Care Act would put together a new set of rules regarding how organisations collect user data, and how that data is handled.
The Data Care Act would put obligations on data collectors to secure identifying information to a “reasonable” degree, and would stipulate that the data not be used in a harmful way.
In a further nod to the example set by Europe’s General Data Protection Regulation (GDPR), any instances of a data breach would have to be reported to consumers concerned.
Third party entities would also be covered by the Act’s governance, if they are the recipients of shared or sold data passed on by the data collector. The scheme would also give authorities power to issue financial penalties to companies that do not meet required levels of transparency when dealing with user data.
The bill is one in a raft of proposals motioned as Congress seeks for ways to develop uniform regulation through the tech industry in the States. Lawmakers such as Senator Ron Wyden, have put forward similar ideas, including an autumn bill to issue jail sentences to executives found guilty of mismanaging consumer data.
Privacy activists have given the Data Care Act a tentative thumbs-up, while legislative analyst, India McKinney, has stated that the Electronic Frontier Foundation (EFF) “will look forward to working with the Senator to improve his bill and to advance information fiduciary protections that will meet the needs of Internet users and adequately safeguard consumer data privacy as a part of comprehensive privacy legislation.”
In a statement, Senator Brian Schatz said:
“People have a basic expectation that the personal information they provide to websites and apps is well-protected and won’t be used against them. Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold, online companies should be required to do the same.”
European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.