Oregon Senator Ron Wyden is pushing new legislation that would see CEOs and other high ranking executives arrested and charged if their companies mishandle consumer data. Engadget reports that “Senator Wyden wants to jail execs who don’t protect consumer data.”
“Sen. Ron Wyden (D-OR) released a draft the Consumer Data Protection Act, which would create new protections for consumer information and strict punishments for those found to be abusing user data. The proposed bill would send senior executives to jail for 10 to 20 years if they fail to follow the guidelines for data use.”
Senator Wyden’s proposal includes expanding the oversight powers of the FTC to include companies that handle information of more than a million people, and that make more than a $1 billion in revenue. These companies would be obligated to submit reports on data breaches and the like, such as the one that Google recently tried to bury because they didn’t want the bad press.
These check-ins would be mandatory. Failure to comply would carry an equally mandatory jail sentence for executives. One problem with the proposal is that it is not clear on exactly which executives would have to pay the price. Is it the overworked IT guy, or the CEO whose unreasonable demands and policies created an environment of lax data security? Would Mark Zuckerberg be the one wearing stripes for the Cambridge Analytica debacle, or some nameless drone?
The first violation would cost a company 4 percent of its revenue. It is not clear if this is annual or quarterly revenue. It is also not spelled out what would trigger the jail time. Is it the second offense? The third? Is there an escalating fee? We don’t know what Wyden has in mind.
He further proposes a Do Not Track list similar to Do Not Call. It would allow consumers to opt out of data tracking and transfer. One company could not sell or share your data with another for any reason, including targeting advertising. Companies would be allowed to charge customers a fee for services that would otherwise be free with the use of your data.
There are already Do Not Track systems in popular browsers like Apple’s Safari. The problem is those systems are not very effective. And there is no penalty associated with companies ignoring the settings. The Do Not Call system is also not very effective. Robocalling is more of a problem than ever. Wyden believes that putting executives in jail might provide the proper incentive to do better.