Slashdot Mirror

← Back to Stories (view on slashdot.org)

Senator Introduces Bill That Would Send CEOs To Jail For Violating Consumer Privacy (vice.com)

Posted by BeauHD on from the internet-privacy-protections dept.

Oregon Senator Ron Wyden has introduced the Consumer Data Protection Act that "would dramatically beef up Federal Trade Commission authority and funding to crack down on privacy violations, let consumers opt out of having their sensitive personal data collected and sold, and impose harsh new penalties on a massive data monetization industry that has for years claims that self-regulation is all that's necessary to protect consumer privacy," reports Motherboard. From the report: Wyden's bill proposes that companies whose revenue exceeds $1 billion per year -- or warehouse data on more than 50 million consumers or consumer devices -- submit "annual data protection reports" to the government detailing all steps taken to protect the security and privacy of consumers' personal information. The proposed legislation would also levy penalties up to 20 years in prison and $5 million in fines for executives who knowingly mislead the FTC in these reports. The FTC's authority over such matters is currently limited -- one of the reasons telecom giants have been eager to move oversight of their industry from the Federal Communications Commission to the FTC. "Today's economy is a giant vacuum for your personal information -- everything you read, everywhere you go, everything you buy and everyone you talk to is sucked up in a corporation's database," Wyden said in a statement. "But individual Americans know far too little about how their data is collected, how it's used and how it's shared."

"It's time for some sunshine on this shadowy network of information sharing," Wyden said. "My bill creates radical transparency for consumers, gives them new tools to control their information and backs it up with tough rules with real teeth to punish companies that abuse Americans' most private information."

47 of 104 comments (clear)

  1. Zuck and Trump should be cellmates. by Anonymous Coward · · Score: 5, Funny

    It would be fitting torture for both.

    1. Re: Zuck and Trump should be cellmates. by shm · · Score: 1

      For once I can agree with AC Frist poster.

    2. Re:Zuck and Trump should be cellmates. by No+Longer+an+AC · · Score: 1

      I think that would violate the 8th Amendment regarding cruel and unusual punishment.

      Can you imagine being forced to share a cell with either one of them?

      And as much as I loathe FB and Zuckerberg, I'm not sure there's anything criminal about either.

      I dislike Trump even more, but I only suspect him of crimes mostly concerning money and hopefully Mueller will figure it out. Maybe it will turn out that Trump is as pure as the driven snow?

      I didn't type that last bit with a straight face, BTW.

      At best, Trump just surrounds himself with criminals and fraudsters.

      I don't suppose they allow you to pick your cellmate in prison.

    3. Re:Zuck and Trump should be cellmates. by kilfarsnar · · Score: 1

      Here come the NPCs who propose torturing those they disagree with.

      The fact that you go around using a right-wing meme to accuse people of not thinking independently is kind of ironic.

      --
      "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
    4. Re:Zuck and Trump should be cellmates. by kilfarsnar · · Score: 1

      serious question: why should trump go to jail?

      Serious answer: For laundering Russian mob money for decades. He has also obstructed justice and violated campaign finance laws. I'm not sure if breaking campaign finance laws carries a punishment of jail time, however.

      --
      "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
  2. Not nearly enough by MikeRT · · Score: 4, Insightful

    Those brokers are not nearly as dangerous as things like Google buying access to MasterCard's data. Facebook and MasterCard also appear to have bidirectional sharing agreement.

    If you don't touch that, it's like fighting the drug war while conspicuously avoiding ever moving on the cartels and focusing only on street dealers and their suppliers.

    1. Re: Not nearly enough by Anonymous Coward · · Score: 1

      So it's business as usual because that is exactly how we fight the drug war.

  3. This guy deserves a medal... by Narcocide · · Score: 5, Insightful

    ... for the most futile good-will gesture in all of history.

  4. More grandstanding with worthless legislation. by Hylandr · · Score: 2

    companies whose revenue exceeds $1 billion per year -- or warehouse data on more than 50 million consumers or consumer devices -- submit "annual data protection reports"

    So, Only the biggest companies with the biggest legal depts are required to 'self report'?

    Thanks Senator (x) That will be so helpful let me give you all our votes.

    --
    ~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
    1. Re:More grandstanding with worthless legislation. by zamboni1138 · · Score: 1

      I see, and what is your Senator doing?

    2. Re:More grandstanding with worthless legislation. by MacDork · · Score: 1

      I have more than 50M records at work. I'm the lead (read: only) programmer on the project. My company thinks a $2000 laptop is too expensive to buy for me. They'll soil their pants when I deliver this news to them.

    3. Re:More grandstanding with worthless legislation. by Hylandr · · Score: 1

      Do they have more than 1bn in revenue also?

      --
      ~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
    4. Re:More grandstanding with worthless legislation. by Methuseus · · Score: 1

      It's or, not and. It's not hard to reach 50 million customers in the US if you operate across more than 5 states..

      --
      Two things are infinite: the universe and human stupidity, though I'm not yet sure about the universe. - A Einstein
    5. Re:More grandstanding with worthless legislation. by Thelasko · · Score: 1

      companies whose revenue exceeds $1 billion per year -- or warehouse data on more than 50 million consumers or consumer devices -- submit "annual data protection reports"

      So, Only the biggest companies with the biggest legal depts are required to 'self report'?

      Thanks Senator (x) That will be so helpful let me give you all our votes.

      Laws like this are why Delaware allows shell companies.

      "We don't have 50 million users, we have exactly 49,999,999 users. Never mind those dozen other companies with P.O. boxes over there. They have nothing to do with us."

      --
      One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  5. Why don't we include the government in that? by SensitiveMale · · Score: 1, Insightful

    I trust private companies more than the govt.

    1. Re:Why don't we include the government in that? by Anonymous Coward · · Score: 2, Insightful

      Really? Do you trust them not to be in bed with the government too?

    2. Re:Why don't we include the government in that? by Antiocheian · · Score: 1

      Is there any difference between them anymore ?

    3. Re:Why don't we include the government in that? by doom · · Score: 4, Insightful

      I trust private companies more than the govt.

      And I trust almost anyone more than people who are still saying stuff like this.

    4. Re:Why don't we include the government in that? by AHuxley · · Score: 1

      They did PRISM for free. All that data from "trusted" US private companies direct into the US gov/mil :)
      From deep in the big brands own networks. Unencrypted so the US gov could work with the data sets.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Why don't we include the government in that? by PJ6 · · Score: 1

      I trust private companies more than the govt.

      The Corporation

    6. Re:Why don't we include the government in that? by whoever57 · · Score: 3, Insightful

      Perhaps that's the real motivation for this bill: Make CEOs think twice before cooperating with the NSA in invading the privacy of US citizens.

      --
      The real "Libtards" are the Libertarians!
    7. Re:Why don't we include the government in that? by cascadingstylesheet · · Score: 1

      I trust private companies more than the govt.

      So you want to get rid of income tax withholding? The government has known where everyone lives and works and their family members and ages and how much money they make for many decades.

      You want to get rid of "information sharing" for the ostensible purposes of tracking down "deadbeat dads"? That was the way that having every agency (from dog and hunting licenses on up) feed into giant data warehouses was sold.

      You want to get rid of government identity documents? Now they're kinda useful though ...

    8. Re:Why don't we include the government in that? by e3m4n · · Score: 1

      thats not saying a whole lot for me, I really distrust the government. Private companies that manage to have 427 private whitehouse meetings within a 4 year span with said government are just an extension of such IMO

  6. Add robocallers by Camel+Pilot · · Score: 1

    And it has my support...

    1. Re:Add robocallers by Drishmung · · Score: 1

      And my rubber chicken.

      --
      Protoplasm. Quiet Protoplasm. I like quiet protoplasm.
  7. simple solution by supernova87a · · Score: 2

    Jail is too far off a concept for people in charge. I always felt that a simple solution would be to immediately charge companies the following penalty schedule for losing each customer record:

    $2 for each name + password
    $5 for phone number
    $10 for social security number

    And multiply for combinations of the above. You'll see companies start fixing their processes (or simply refusing to store unnecessary data, right quick.

    1. Re:simple solution by Cmdln+Daco · · Score: 1

      Social security numbers should not be secret. They should be published in a big directory where anybody can look them up. They were never intended to be 'secret codes' and the credit industry should not be allowed to use them that way.

      The only reason the credit industry wants them to be 'secret codes' is so that they can casually offer credit cards at the cash registers of stores. Which would be impossible without 'secret' SSNs.

    2. Re:simple solution by froggyjojodaddy · · Score: 1

      I fear monetary fines aren't always enough. They'll pay them somehow and then end up laying off thousands of staff to help recover their cost. The CEO won't get a pay hit or even worry about his/her job but it'll be the lower rank employees that come out worse.

      However, if the CEO thinks there's a risk of going to jail, they're gonna be very motivated to ensure they have proper data management procedures in place.

    3. Re:simple solution by Anonymous Coward · · Score: 1

      Use of social security numbers for anything but social security was initially illegal. But the "easy" button of having a unique identifier for every citizen and legal immigrant became too much of a temptation.

      Just like Congress's use of the legally separate Social Security fund to expand the monies for Federal budgets was too big a temptation.

  8. Assuming this ever passes... by mschaffer · · Score: 1

    If this ever passes I doubt you would even see a "perp walk", let alone jail time, from the worst offenders.

    1. Re:Assuming this ever passes... by hambone142 · · Score: 1

      "CEOs" will just call themselves something else to circumvent the sanctions.

  9. Indeed. Government corrupts Corps, not other way. by Anonymous Coward · · Score: 1

    That's the fundamental problem: Government represents a gun that deep pockets can pay to point at their competition; it's not the case that Big Business corrupt government, but rather it's the case that Big Government corrupts businesses.

    We had the same problem with religiosity, each sect trying to grab that big governmental stick and thereby beats its will into anyone who had another opinion. We solved that problem with the

            Separation of Church and State.

    Now, we need a

            Separation of Business and State.

    The role of the government was never meant to be the chooser of winners and losers—that's the role of The People. The American experiment was to create a government whose sole role is to protect the rights of each individual, chief among which are the rights to Life, Liberty, and the Pursuit of Happiness (i.e., the pursuit of self-interest). This experiment has failed, because The Founders forgot to forbid government from usurping The People's right to be the sole owners of society's resources.

  10. No, Wyden did not introduce anything to the Senate by Anonymous Coward · · Score: 1

    He released a "discussion draft" of a bill he might introduce later, assuming that Sen. Menendez's 2017 bill, "Consumer Data Protection Act" and other bills in the Senate and House addressing the same issue don't go anywhere.

    More posturing for the home crowd to make it look like he's getting something done in Congress.

  11. Re:Bill is DOA by Impy+the+Impiuos+Imp · · Score: 3, Interesting

    You only think that's not the real reason behind almost all legislation.

    In about 2/3 of the world, you go into government because that's where the money is -- getting in the way of business and people, so you can get paid to get back out of the way. And I'm not just talking politicians.

    It's much more restricted in the West, but far from gone.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  12. A few decades will do by WillAffleckUW · · Score: 1

    Just saying.

    --
    -- Tigger warning: This post may contain tiggers! --
  13. He was never charged. by raymorris · · Score: 1

    > Not that he was part of the financial crisis, but Rick Scott, the governor of Florida, was an exec that was tried for fraud.

    Nope. He was never charged.

    If you said you think he should have been charged, based on you having looked at the evidence, I wouldn't argue. The fact is, the prosecutors didn't see any reason to charge him personally.

  14. Riiiiiiigggghhhhtttt..... by Shaitan · · Score: 1

    "tough rules with real teeth to punish companies that abuse Americans' most private information"

    I highly doubt it.

  15. Re:Finally! by Shaitan · · Score: 1

    This insane data sucking shouldn't be an option. Making it opt-in just means they make it a condition of using the service and bury it in some legalize somewhere or even not, people will still opt-in to use whatever platform. Some things you just have to take off the table. You see how well "opt-in" works for using invasive drug testing and irrelevant credit history for employment.

  16. It's a start.... by Rick+Zeman · · Score: 1

    ...and also throw the executive suite in jail for polluting and all sorts of other malfeasance.
    After all, if companies have the rights of persons, they should be treated like them.

    1. Re:It's a start.... by cmdr_klarg · · Score: 1

      Up to an including the death penalty.

      --
      THE SOFTWARE, IT NO WORKY!!!
  17. "who knowingly mislead" by PJ6 · · Score: 1

    Then they could just claim ignorance, so this is useless.

    Wrong idea anyway, shareholders are the ones that should be punished.

    Wipe out 15% of their stock value, then let them sue the CEO for negligence.

  18. Need larger fines by techdolphin · · Score: 1

    I hope Sen. Wyden bill passes. However, I think the fines need to be larger. I would impose fines of at three times the revenue or profit from selling the data plus the $5 million fine. Otherwise, if a company makes $500 million from selling data, having to pay a $5 million fine is a business risk I might take. However, if the fine was $1.5 billion, I would be much more careful.

  19. Re:5 million dollars is nothing to a CEO by terrycarlino · · Score: 1

    You obviously don't understand how Social Security works. Does the phrase Ponzi Scheme mean anything to you? Social; Security is a Ponzi Scheme. It isn't "your money" once you give it to the government. It's a kind of tax that's used to pay people already receiving Social Security. It's a tax paid by you and your employer to allow people already receiving Social Security to be paid.

    When the program was started the people to first receive Social Security payments hadn't paid in anything. They qualified because they were breathing and above a certain age. It was Roosevelt's scheme to lower the unemployment numbers by paying people to leave the workforce. In some way it's purpose is still to do that.

    "Your money" doesn't get put into a bank account, investment account or even a piggy bank. The majority of it is used to pay people now on Social Security. The rest is spent by the government as part of the general fund.

    As the ratio of retired workers to working workers increases the scheme will unravel as do all Ponzi Schemes.

  20. Senator Heidi Heitkamp by glennrrr · · Score: 1

    Recently Senator Heitkamp deliberately used private information from women without their consent in a campaign ad. Would this bill apply to her and put her in jail? Or is there a loophole for politicians?

  21. Re: As usual by Vskye · · Score: 1

    Because maybe the Equifax execs should be in prison? Having NO punishment for these blatant security issues should carry some prison time. Then perhaps they'd do the proper testing and shit to begin with.

    --
    Life was hell, then I discovered Linux...
  22. Re:Finally! by Anonymous Coward · · Score: 1

    You are so high and mighty, but fail to realize people do not know everything and will never understand everything. Each time there is something, someone like you is here gloating about being so damn smart about it. But there are millions of different scenes where you have to shine and even if you shine here now, then at some other thing, you are just as "dumb" as the rest of the people.

    And then who are you gonna call?

  23. $5 Million? For Billionaires? by Artagel · · Score: 1

    The cash penalty should include forfeiture provisions for money made from the misbehavior. A lot of these guys have options that would tank if that happened. It would also give boards of directors and shareholders reasons to worry about the issue too.