GAO Gives Congress Go-ahead For a GDPR-like Privacy Legislation

An independent report authored by a US government auditing agency has recommended that Congress develop internet data privacy legislation to enhance consumer protections, similar to the EU's General Data Protection Regulation (GDPR). From a report: The 56-page report [PDF] was put together by the US Government Accountability Office (GAO), a bi-partisan government agency that provides auditing, evaluation, and investigative services for Congress. Its reports are used for hearings and drafting legislation. The House Energy and Commerce Committee, which requested the GAO report two years ago, has scheduled a hearing for February 26, during which it plans to discuss GAO's findings and the possibility in drafting the US' first federal-level internet privacy law. If the committee's members would be to follow GAO's conclusions, a GDPR-like legislation should be coming to the US.

Re:Lawyers always win

[Waffle+Iron]

It's not my problem if an outfit is too small to responsibly handle my data. They need to up their game on security or get out.

Re:Lawyers always win

[Guybrush_T]

That, or stop asking customer tons of personal information then store it in an xls file accessible to everyone on the cloud.

That's by far the biggest win of GDPR. And small shops in EU didn't disappear due to GDPR. They just need to stop doing stupid things that will hurt them and their customers.

Re:Lawyers always win

[WolfgangVL]

Boo-hoo, cry me a river. If safeguarding my personal information puts your business in the red, then maybe you should stop collecting so much personal information.

You want to hoover up every bit of PI you can find about me, you're on the hook to safeguard it. As it stands right now, there is no reason not to gobble up every little data point you can get your hands on, no matter if it's relevant to your business/service or not. When you lose it (you will) you lose nothing.

Over the past 5 years or so, have you noticed how every damn thing wants you to setup a profile? Notice how these profiles are asking all sorts of different data points that have shit-nothing to do with the provided service? Right now there is no reason not to ask for everything from sexual preference to political association, and turn around and sell to the first bidder.

There is freemium services, and then there is what we have now. Something has got to change. If I have to click through a "we use cookies" banner from time to time, and in return, my valuable personal information is treated with a little respect.... I'm ok with that.