The bill would make companies subject to fines from the Federal Trade Commission if they poorly protect data.
A bill introduced in the Senate Tuesday would add a new layer of accountability for companies that fail to secure users’ personal data online.
The Data Care Act, introduced by Sen. Brian Schatz, D-Hawaii, would establish new, explicit rules for how companies that collect user information online can secure, safeguard and responsibly share that information.
Under the bill, companies that do not meet “reasonable” duties of care, loyalty and confidentiality—including instances where data is provided to third parties—would be treated as in violation of a Federal Trade Commission rule and subject to fines.
“People have a basic expectation that the personal information that is collected by websites and apps is well-protected and won’t be used to harm them. Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold, online companies should be required to do the same. Our bill will help make sure that when people give online companies their information, it won’t be abused,” Schatz said in a statement.
Schatz previously introduced a version of the bill in late 2018 but it failed to clear Congress, along with a series of other privacy- and tech-related legislation.
This time around, Schatz’s privacy bill has renewed interest, at least among Democrats. Schatz’s bill has 15 Democratic or Independent co-sponsors, including Sens. Amy Klobuchar, D-Minn., Cory Booker, D, N.J. and Bernie Sanders, I-Vt.
It follows another privacy bill introduced by Sen. Ron Wyden, D-Ore., in October that would also expand the FTC’s authorities. In Wyden’s bill, the Mind Your Own Business Act, could leave tech executives open to criminal prosecution in certain data breach scenarios.
NEXT STORY: GAO Hires First Data Scientist