New bill in US Senate proposes prison time for CEOs for personal data breaches

A United States senator has introduced a new bill called the Corporate Executive Accountability Act which proposes that CEOs of corporations with more than $1 billion in annual revenue should be sent to prison if they are found liable for the violation of personal data of 1% of the American population or 1% of the population of any state.

The new bill seeks to penalise top executives of large corporations who often escape conviction after their organisaions are found guilty of suffering data breaches or cyber attacks that result in the leakage of personal data of thousands of customers to malicious actors.

YOU MAY ALSO LIKE:

CEOs to be made personally liable for data breaches

According to the new bill, punishment for such a violation will be up to a year in prison and a repeat offense will result in three years in prison. These will be separate from fines imposed by data protection regulators to corporations for failing to secure the personal data of their customers.

"Corporations don't make decisions, people do, but for far too long, CEOs of giant corporations that break the law have been able to walk away, while consumers who are harmed are left picking up the pieces," said Senator Elizabeth Warren who introduced the Corporate Executive Accountability Act.

Senator Warren has also introduced another bill called Ending Too Big to Jail Act which proposes that financial executives at large corporations must be held accountable by creating a permanent investigative unit for financial crimes and requiring executives at big banks larger than $10 billion to certify that there is no criminal conduct or civil fraud. The latter will make it easier for government agencies to prove wrongdoing if it is later discovered.

"These two bills would force executives to responsibly manage their companies, knowing that if they cheat their customers or crash the economy, they could go to jail," Senator Warren added.

ALSO READ:

ICO hands out its first-ever prosecution under the Computer Misuse Act

UK law firms being investigated for data breaches, report says