New proposals regarding data and security seek to improve each individual user’s experience online, as well as their rights and options when it comes to infringements on their personal data.
Consumer Online Privacy Rights Act
A new bill, proposed by top Democrat on the Senate Commerce Committee, Sen. Maria Cantwell, has several goals, some of them being tough penalties for any companies that abuse or mishandle consumer data and giving “Miranda rights” to people online.
Whether the bill will pass or not is a tough question to answer, considering some of the more aggressive language and a lack of bipartisan agreement.
“We have to be satisfied that it’s worth it, and right now I’m not satisfied the Republicans understand the gravity of this problem and the need for a strong set of privacy rights and responsibilities in federal law. If they embrace that, that will unlock the real possibility of bipartisan legislation. But if they think they’re going to get preemption of state law for relatively [little], I think they have the wrong calculation,” co-sponsor of the legislation Sen. Brian Schatz told The Washington Post’s Tony Romm.
Despite efforts of both Democrats and Republicans and agreeing on certain points, likely not much will be done about the bill until the 2020 elections and impeachment saga are over.
The bill encompasses quite a large amount of points, including higher fines for any mishandling of user data by companies, allowing people to request to see what information is stored about them, as well as blocking it from being sold, creating a new privacy-focused bureau under the Federal Trade Commission and more.
“I don’t play well with others,”… or do I?
A new approach towards hackers, specifically “ethical” hackers, is being taken by the US government in an effort to strengthen security and get rid of any potential backdoors and bugs.
While hackers are generally seen in a negative light, looking to exploit whatever they can for fun or money, or to just mess up someone’s life, there are “ethical” hackers, who are just trying to help out and point out issues or bugs a system could have.
So far treatment of hackers has been pretty much the same, ethical or unethical, but steps are slowly being taken to change all of that as the Cybersecurity and Infrastructure Security Agency (CISA) proposes a new directive that will force federal agencies to “play nice” with friendly bug reporters who want to help out.
Clear channels through which people could report any flaws in security would be created and monitored by the agencies, with the next step being cooperating with bug finders to fix them. All the while, any threatening language or blocking the hackers or testers from publishing the bugs after a certain amount of time, will not be looked nicely upon and should be avoided by the agencies.
Another important provision in the proposal states that agencies cannot submit bugs found to the US Vulnerability Equities Program, an initiative that makes a decision on whether or not a bug or flaw can be published so that a fix can be found, or to keep it secret to build an arsenal, just in case.
Many will likely be delighted should the CISA directive be accepted after comments on December 27, and could seek to join in and help on improving cybersecurity.