WASHINGTON — The top Republican and Democrat on the Senate Banking Committee are asking for stakeholders to weigh in on data privacy, protection and collection issues as lawmakers consider legislative responses to recent data breaches.
The request for public feedback comes as Chairman Mike Crapo, R-Idaho, has said that privacy and data security will be on the committee’s agenda for the new Congress. Sen. Sherrod Brown, D-Ohio, the committee’s ranking member, said at a committee meeting last week that Congress “hasn’t done anything” a year and a half after the Equifax data breach compromised roughly 148 million Americans' personal information.
“Given the exponential growth and use of data, and corresponding data breaches, it is worth examining how the Fair Credit Reporting Act should work in a digital economy, and whether certain data brokers and other firms serve a function similar to the original consumer reporting agencies,” Crapo said in a press release Wednesday. “I am particularly interested in what data is contained in modern consumer reports, how the information is gathered, who compiles it, how it is protected, how consumers can access it and correct it, and how privacy is respected.”
Brown noted in the same press release that "financial and technology companies are collecting huge stockpiles of sensitive personal data, but fail over and over to protect Americans’ privacy."
“Outdated privacy laws don’t address the complex surveillance schemes these businesses profit from today," Brown said. "Congress should make it easy for consumers to find out who is collecting personal information about them, and give consumers power over how that data is used, stored and distributed.”
Specifically, Crapo and Brown are asking what can be done through legislation, regulation or by implementing best practices to give consumers more control over their data and ensure they are properly notified of breaches.
They are also interested in how to ensure that financial regulators and private financial companies provide adequate disclosure about the information they are collecting about consumers.
Respondents have until March 15 to submit their comments to committee staff.