Senators Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) introduced a bill Wednesday that would allow the United States government to penalize Equifax and its peers with large fines for major cyber attacks and return that money to affected Americans.
The senator went on to say that if their law had been in place, Equifax would have been forced to pay a fine of over $1 billion, and gives CRAs incentive to invest in security.
The bill proposes a cap on total fines based on the credit-reporting agency's revenue, but the total penalty can be increased if basic cybersecurity practices weren't followed.
Despite widespread outrage over the scale of the Equifax hack that was revealed in September - which exposed the private data of over 143 million Americans, more than 15 million Brits, and goodness knows who else - the firm has faced no fines or fallout, other than some tax-deductible clean-up charges. In November, Sen. Bill Nelson (D-Fla.) sponsored the Data Security and Breach Notification Act, which would require companies to report data breaches within 30 days. "It will ensure that credit bureaus protect your information as if you actually mattered to them and it will both punish them and compensate you when they fail to do so", said U.S. PIRG Consumer Program Director, Ed Mierzwinski.
Consumer and security groups appear to support the legislation. "It also imposes real and meaningful penalties when credit bureaus, entrusted with our most sensitive financial information, break that trust", said National Consumer Law Center staff attorney, Chi Chi Wu.
Consumer watchdogs and cybersecurity experts praised Warren and Warner for taking steps to protect Americans' personal information and strengthen cybersecurity infrastructure.
"We appreciate this bill's attention to key weaknesses in consumer data protection".
Senators have proposed new legislation which would impose strict liability penalties on credit agencies (CRAs) in the event of a data breach.
Warner called Equifax's massive breach "particularly egregious" during an appearance on MSNBC's "Morning Joe" immediately following their CNN spot.
"I worry [the USA will] continue to go out and build and invest in the world's best 20th-century military, in terms of planes and tanks and ships, when many of our adversaries are not making investment in traditional military but making investments in cyber warfare tools where candidly ... we are not fully protected", Warner said.