This article originally appeared in Information Security Buzz on December 4, 2018.
US Senator Mark Warner and a couple of colleagues are calling on Congress to pass data security laws to protect consumers in the wake of the Marriott breach, the latest in a long list of breaches including Facebook, Cathay Pacific, Equifax and a long list of other companies.
Chris Olson, CEO at The Media Trust:
“Data breaches and the trillion-dollar data mining industry have fueled consumer wariness around the world about the use and misuse of their information. It’s no surprise that consumers have begun to channel their outrage into new laws that attempt to curb certain data collection practices and require companies that collect such information to do a better job of securing it. GDPR, California’s Consumer Privacy Act, Canada’s PIPEDA, Japan’s APPI, South Korea’s PIPA, and, more recently, Sen. Wyden’s proposed consumer privacy bill all demonstrate that data will inevitably be more regulated than in the past. Wyden’s bill would even go so far as to imprison CEOs who lie about their data practices. Companies should prepare themselves for the changing regulatory landscape by carefully mapping where the data they collect goes and how it’s stored. If they take a hard look at their websites and mobile apps, they’ll quickly learn that the third parties who support these digital assets, most of whom they don’t even know, often collection information on users and visitors without authorization. Moreover, these third parties are popular targets for bad actors because they are less secure and provide trusted connections to the trove of consumer information. If lawmakers want to effectively address the data scandals, they should legislate thoroughly monitoring the activities of third-party code suppliers.”