Prison time, hefty fines for data privacy violations: draft U.S. Senate bill

WASHINGTON (Reuters) – A senior Democratic U.S. senator on Thursday said it would be easier for him to have 20-year prison terms for executives.

Senator Ron Wyden released a draft of legislation that would grant the Federal Trade Commission authority to write. The measure would also allow maximum fines of 4 percent of revenue.

"It's time for some sunshine on this shadowy network of information sharing," Wyden said in a statement. "My bill makes radical transparency for consumers, gives them new tools to control their information and backs it up with tough rules."

Data privacy has become an important issue since massive breaches compromised the personal information of millions of U.S. Internet and social media users, as well as breachesEFX.N).

Wyden would also create a national "Do not Track" system to stop tracking users by sharing or selling data and targeting based on their personal information. The bill would also include senior executives at $ 5 million or more.

Facebook Inc (FB.OThe world's largest social media network, said 70 million U.S. users were improperly shared with political consultancy Cambridge Analytica. It said last month that cyber attackers stole data from 29 million Facebook accounts using an automated program.

In September, Amazon.com Inc (AMZN.O), Alphabet Inc (GOOGL.O), Apple Inc. (AAPL.O), AT & T Inc (T.N), Charter Communications Inc. (CHTR.O) and Twitter Inc (TWTR.N) all told new federal privacy regulations.

Senator John Thune, who chairs the Commerce Committee, is also working on privacy legislation.

The Internet Association, which represents more than 40 major internet and technology companies, backs modernizing data privacy rules and wants a national approach that would pre-empt new regulations in California that take effect in 2020. The Trump administration is also seeking comments set nationwide data privacy rules.

The European Union's General Data Protection Regulation took effect in May, replacing the block's patchwork of rules dating back to 1995.

Breaking EU privacy laws can result in up to 4 percent of global revenue or 20 million euros ($ 22.8 million), whichever is higher, as opposed to a few hundred thousand euros.