TEN to TWENTY years Jail Time for violating privacy laws?! Is the U.S. moving toward regulations similar to GDPR but with added penalties that include years in Jail for Execs who lie on reports?
“A proposed Senate bill takes aim at consumer privacy rights with harsh penalties for companies that violate privacy laws. Introduced by Sen. Ron Wyden, D-Oregon, the bill would apply to companies that generate more than $50 in revenue and with personal data on more than 1 million people.
If passed, the Consumer Data Protection Act would overhaul internet privacy protections on par with EU General Data Protection Regulation and give the Federal Trade Commission the ability to enforce those consumer privacy rights.”
“Further, large companies would need to submit annual privacy reports to the FTC based on those standards, which would be verified by the company’s senior executives. Included in the reports, would be details on how the company complied with the new privacy rules. The harshest penalty for lying on these reports or failing to disclose a breach? Ten to 20 years in prison for the executive responsible for the report.” https://www.healthcareitnews.com/news/proposed-privacy-bill-mirrors-gdpr-adds-jail-time-lying-ceos for the full article and https://martechtoday.com/company-execs-could-go-to-jail-for-misusing-data-under-proposed-u-s-data-privacy-law-227340 for their rendition of the same topic
The ramifications of this bill, or a similar bill, passing in the U.S. will forever change how companies conduct themselves when addressing their data needs. The need to be responsible for the data collected may cause overwhelming activity for years in the IT divisions of many companies that have not yet been concerned with data protection. Executives will need to choose their advisers and vendors well in order to protect themselves from the ultimate in penalties.
As a result of this proposed Senate Bill even being considered, we probably will see executives scrambling to find additional assistance in the data compliance arena. They will need legal and technical support to navigate regulations even before they become law. Many companies have waited because they believe protecting customers data is just too difficult and expensive. Regulations similar to those now being proposed would certainly change how executives calculate what is too expensive or too difficult.
The stakes have been raised, C level Executives may have relied on IT and third-party service organizations for less comprehensive solutions that unfortunately still allowed hackers to capture their customer’s personal data. However, with the U.S. and so many other countries initiating data compliance regulations with teeth, Real Solutions that include encryption of personal data are needed.
The possibility of Jail time is just not acceptable for executives, and in my opinion, companies will require far stronger penalties and obligations in contracts with auditing firms and third-party service organizations to ensure they are not placed in uncomfortable situations. I also imagine that auditing firms and third-party vendors will need more powerful, sophisticated Data Compliance tools at their disposal so that they can be confident their findings are accurate.
To learn more about your architecture and Compliance projects for Companies, and White Labeling of GDPR and general Regulatory Compliance Technology for Service Providers, feel free to reach out and setup a time to discuss your needs. Steven Meister firstname.lastname@example.org https://gdprapplication.blog/ https://gdprcompliacnymaster.blog/ 847.440.4439 GDPR App Video https://youtu.be/nwwqZTY_6Gc Point-Of-Sale-Video https://youtu.be/iKENBHf6L_I