Facebook Twitter Instagram
    Mortgage.info
    • First Time Homebuyer
    • Loan Programs
    • VA Programs
    • Refinancing
    • Beyond the Mortgage
    Mortgage.info
    Home»Credit Reports»Senators Propose Measures to Protect Consumer Data Post-Equifax Breach
    Credit Reports

    Senators Propose Measures to Protect Consumer Data Post-Equifax Breach

    JustinBy JustinJanuary 25, 2018No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    The proposed legislation contemplates the creation of a separate cybersecurity office at FTC that will come up with new standards to prevent any consumer data breach.

    Arguably the biggest data breach of 2017, approximately 143 million Americans’ sensitive personal data were compromised when hackers breached Equifax’s systems. A new bill authored by Senators Elizabeth Warren (D-MA) and Mark Warner (D-VA) wants to stop such data breaches at Equifax and other applicable credit reporting agencies (CRAs).

    CRAs compile information that goes to a consumer’s credit report that will be pulled by lenders when he or she applies for a mortgage, etc. Under the new Senate bill, a newly created cybersecurity office will establish safeguards for consumer data and impose penalties on CRAs for putting consumer data at risk.

    Speak with a lender today.

    How Can the New Bill Protect Consumer Data?

    The new Senate bill, formally Data Breach Prevention and Compensation Act of 2018, covers data breaches involving one personally identifying information, which the bill identifies as:

    • An individual’s Social Security number, driver’s license number, passport number, alien registration or unique identification number issued by the government, and unique biometric data.
    • An individual’s financial account numbers, e.g. credit and debit cards and any passcode to access these accounts.
    • An individual’s first and last name or his or her first initial and last name in combination with his or her physical or mental health records whether past, present or future.

    The bill will cover consumer reporting agencies pursuant to Section 603(p) of the Fair Credit Reporting Act or those with annual revenues not less than $7 million.

    For purposes of this article, subsequent references to CRAs will mean covered CRAs.

    The Office of Cybersecurity at FTC

    The bill proposes to establish an Office of Cybersecurity at the Federal Trade Commission or FTC in order to supervise the security of consumer data at CRAs.

    This dedicated cybersecurity office will have these main duties:

    Shop and compare rates.

    1. Promulgate regulations on the effective data security for CRAs, primarily requiring these CRAs to provide descriptions of their security measures, asset management, network management and monitoring, and data security. On data security, CRAs must provide their encryption processes for data at rest and data in transit.
    2. Document that a CRA has established technical measures and processes for the “continuous monitoring of data, intrusion detection, and continuous evaluation and timely patching of vulnerabilities.”
    3. Examine on an annual basis the data security measures of CRAs in compliance with the relevant provisions.
    4. Investigate any CRA upon a suspected potential breach or noncompliance with the relevant standards.
    5. Coordinate with the National Institute of Standards and Technology (NIST) and the National Cybersecurity and Communications Integration Center (NCCIC) of the Department of Homeland Security.
    6. Develop methods that will evaluate, test and measure effective data security practices of CRAs.
    7. Determine whether CRAs are complying with the above regulations.

    Penalties for Violating CRAs

    One of the main thrusts of the new bill is to hold CRAs accountable for unduly exposing consumers data in the wide open.

    Under the bill, the Office can sue a CRA over data breach in any U.S. District Court to recover civil penalties, as determined below:

    A civil penalty of $100 for each consumer whose name and at least one item of PII was compromised, and an additional $50 for each additional item of PII compromised.

    As Senators Warren and Warner said in a public statement, Equifax would have paid $1.5 billion in penalties for its failure to protect Americans’ personal information under the bill.

    Click here to see the latest rates.

    Justin
    + posts

    Justin McHood is a managing partner at Suited Connector and has been recognized by national media outlets as a financial expert for more than a decade.

    • Justin
      https://mortgage.info/author/justin/
      House Bill Adjusts HMDA Requirements for Small Lenders
    • Justin
      https://mortgage.info/author/justin/
      HUD: $2-Bil. Funding to Fight Homelessness in Local Communities
    • Justin
      https://mortgage.info/author/justin/
      What Does the New Year Hold for HELOCs? Projections, Rates in 2018
    • Justin
      https://mortgage.info/author/justin/
      HUD Gives Local Entities More Time to Assess Fair Housing Landscape
    civil penalties consumer data consumer data protection CRAs credit reporting agencies credit reports cybersecurity attack data breach Equifax Federal Trade Commission FTC Office of Cybersecurity personal data personal identifying information security breach Sen. Elizabeth Warren Sen. Mark Warner Senate bill
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Justin

    Justin McHood is a managing partner at Suited Connector and has been recognized by national media outlets as a financial expert for more than a decade.

    Related Posts

    Why Your Trended Credit Data Matters When Applying for a Home Loan

    November 12, 2022

    Here’s How to Fix the Common Credit Report Errors

    May 11, 2021

    Do Student Loans Stop you From Getting a Mortgage?

    February 17, 2020
    Mortgage.info
    © 2023 Mortgage.info Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.