GAO Backs Senators in the Push for Data Protection in the U.S.
After the European Union (EU) created its General Data Protection Regulation (GDPR), Senators and agencies alike have pressured the United States government to adopt their own internet privacy laws.
United States Current Privacy Policies
The country as a whole currently has no internet privacy laws. According to the National Conference of State Legislatures, each state has its own privacy laws. Even so, not every state has legislation for every category. These include: Internet Server Providers (ISP) Privacy, Social Media Privacy Laws, and Statewide chief information security officers or (CISOS).
Last year, the Federal Communications Commission (FCC) created several rules to protect consumers. Some of these rules included:
Only 26 states have created social media laws, which prohibit the access of a student or employee social media account. All 50 states have employed a CISOS who creates statewide policies and requires security training for employees. Another nationwide piece of legislation is the requirement to notify individuals of security breaches that involve personally identifiable information.
GAO Report Finds Holes in U.S. Policy
After several data breaches occurred, The Government Accountability Office (GAO) decided to take action. They completed a study about internet privacy that explored how the FCC and Federal Trade Commission (FTC) have overseen privacy. They also looked into what stakeholders thought were the strengths and weaknesses of privacy handling and what improvements could be made.
They found that the FTC filed over 100 enforcement actions regarding Internet privacy, but they ended up as settlement agreements. This leaves it to the company as to how they handle the violation, meaning policy makers are left out of the equation. As far as the stakeholder opinions, they identified three ways to increase privacy:
Recommendations for Consumer Protection
The conclusion of their report stated, “…there is no comprehensive federal privacy statute with specific standards…Comprehensive legislation addressing Internet privacy that establishes specific standards and includes APA notice-and-comment rulemaking and first-time violation civil penalty authorities could help enhance the federal government’s ability to protect consumer privacy… and provide better assurance to consumers that their privacy will be protected.”
How to Secure Your Information
The GDPR-style privacy that is recommended can be difficult to obtain. We at Secure Data have created a product that is GDPR compliant, FIPS 140-2 Validated, and Privacy Shield Certified. Our line of SecureDrives are hardware encrypted to eliminate data leaks and come preloaded with DriveSecurity Antivirus protection.
The KP model has a wear-resistant pad so potential hackers won’t be able to figure out the most commonly used keys. After ten consecutive incorrect PIN attempts, the data is wiped from the drive. The BT model of the SecureDrive puts data control in the hands of the user. Your drive will only unlock when you use the app on your phone and you can delete data and reset your password remotely using the same app. Other features include geo-fencing and time-fencing restrictions to limit who has access to your personal data.
Many organizations don’t even know that GDPR regulations exist, but the consequences are substantial. For each incident violating the regulations, you will have to pay between two and four percent of the worldwide annual revenue for the whole organization. SecureDrives ensure that your company is GDPR compliant and your data remains secure. Call 1-800-875-3230 with any questions.