What the Data Breach Prevention and Compensation Act Could Mean for You

Posted by Erica Steeves on January 22, 2018

What the Data Breach Prevention and Compensation Act Could Mean for You

gettyimages-464308128

The big Equifax hack of 2017 created a mess for a lot of American consumers. In fact, it’s estimated that about 143 million Americans were victimized in the hack, and the hack has the potential to be very detrimental in the long-term should the hackers take the confidential information that they swiped and put it to use. As if the hack wasn’t bad enough, Equifax was widely criticized for how it handled the matter and its lack of transparency with consumers. Bottom line: The hack was a raw deal, especially for American consumers. Equifax, while subject to bad publicity, might end up making money off of it in the long run.

There could be hope moving forward, however. A new bill introduced by U.S. Senators Elizabeth Warren (D-Massachusetts) and Mark Warner (D-Virginia) would penalize the credit reporting agencies in the event of any future data breaches. The thinking behind the bill is that any future data hacks wouldn’t just spell bad news for American consumers, but for the agencies that left consumer data susceptible too. The bill is a direct response to the perception that credit bureaus aren’t doing enough to protect the data they collect.

What this bill would mean:

There’s no word on whether the bill will be going to a vote, but here’s a closer look at what the bill would mean should it pass:

  • Credit reporting bureaus would be subject to regular inspection by the Federal Trade Commission (FTC) to ensure that they’re taking the proper measures to protect confidential consumer data.
  • Should a data breach occur, the FTC would be authorized to fine the credit reporting agencies $100 per consumer affected. The bill calls for half of the amount collected for such purposes to go to the consumers that were impacted. Think about that for a moment. If this bill were in effect when the Equifax hack occurred, the FTC could have collected up to $14.3 billion in penalties, with over $7 billion getting kicked back to the consumers who were victimized.
  • Senator Warren hasn’t been a stranger to proposing credit-related legislation. Following the 2017 Equifax hack, she proposed a pair of bills. One would have prohibited employers from making hiring decisions based on a person’s credit. The other would have allowed consumers to indefinitely freeze and unfreeze their credit any time they wished for free. Neither bill made it out of committee and to vote, however.
  • The Consumer Industry Data Association opposes the proposed bill, stating that the reporting bureaus already follow stringent enough standards. In a statement to CNET, its president and CEO said the bureaus would, however, like to work with Congress to make credit reporting safer and more secure.
The 2017 Equifax hack was blamed on a pair of issues – human error and a technical mishap. With that in mind, it’s enough to wonder if just one of the issues were to have been removed if the data breach would have occurred at all. For some, the proposed bill may be viewed as even more red tape in an already highly regulated field. But when it comes to data as confidential as social security numbers and credit information, can you really be too careful?