Senator Kirsten Gillibrand: The U.S. Needs a Data Protection Agency (medium.com)
17 points by sxp 15 days ago | 4 comments

The US needs an agency that helps businesses and citizens with security. If China is attacking our citizens we need a national style defense of our business and IP. For example, right now lots of decisions are left up to each company to decide how to best secure data. Equifax is a great example. They were leaving servers unpatched and I think not removing access for former employees.

There also needs to be a licensing system for any company or person that is going to have access to PII data for more than 25k people. People in this position need extra training, especially developers. Many developers learn about information security on the job but it should be a formalized training system. We keep seeing the same dumb mistakes being made at companies, like leaving databases unsecured or S3 buckets public.

Not a bad idea, but the fundamental thing that needs to happen is that US laws have to be fully updated for the computer age, with privacy protections and limits on what collected information can be used for.

The U.S. doesn't need more agencies, it needs to prevent China from stealing valuable intellectual and copyrighted property like the F-35 stealth fighter data China stole to build its J-20.

IIUC, the proposal is for a government agency that would take enforcement action on behalf of aggrieved citizens. I'm skeptical that it would achieve those goals, at least for most citizens. Consider the FCC under Ajit Pai.

I'm guessing a better solution is this combination:

(a) legislation similar to the EU's GDPR, and

(b) legislation that prohibits consumer-oriented products and services from requiring EULAs or other licensing terms that give up the rights granted under (a), and

(c) legislation that grants private individuals the right to bring lawsuits for violations of (a, b)

