Washington, D.C. - October 4, 2017 (The Ponder News) -- U.S. Sen. Sherrod Brown (D-OH) – ranking member of the U.S. Senate Committee on Banking, Housing, and Urban Affairs – questioned former Equifax CEO Richard F. Smith today in the wake of a massive data breach that exposed the data of 145 million Americans. According to Equifax, more than 5.2 million Ohioans were impacted by the breach.
Brown called for Equifax to invest more in security and less in huge salaries for CEOs. He pointed out that Equifax spent nearly as much on Smith’s multi-million dollar salary as the company spent on cybersecurity. Since last year, Smith earned about $69 million, while Equifax spends just $85 million a year on cybersecurity.
“In hindsight, do you think Equifax should have spent more money protecting peoples’ data rather than compensating you so well?” Brown asked. “You’re an IT company. That’s just not acceptable.”
Brown also pointed out how unfair Equifax’s business model is for American consumers. Equifax makes money collecting and selling consumers’ data to other big companies. Those consumers are not compensated for the use of their data, in fact, most of the time, they don’t even know it’s being sold. Then Equifax makes even more money by forcing those same consumers to pay Equifax to protect their data after a breach occurs.
“Do you think it’s fair that Equifax gets to take consumers’ data at almost no cost, make millions by selling it to data mining companies and marketers, then charge fees to those consumers for credit monitoring products after they’ve become identity theft victims?” Brown pressed the CEO.
Brown called for consumers to have more control of their own data, similar to how Americans have ownership of their medical records. It is illegal for companies to buy and sell medical records, and patients must consent before their information is transferred. However, companies like Equifax are free to buy and sell sensitive data without people’s consent or knowledge. Brown suggested Americans should have the right to request their data be deleted from Equifax’s system or at the other consumer reporting agencies.
“If you don’t think consumers should be allowed to control their own data, why should a company that has had so many security failures be allowed to control their data? That’s the fundamental question this company hasn’t answered to the public,” Brown said.
No comments:
Post a Comment