147 Million Social Security Numbers for Sale: Developing Data Protection Legislation after Mass Cybersecurity Breaches

By Kuhn, McKenzie L. | Iowa Law Review, November 2018 | Go to article overview

147 Million Social Security Numbers for Sale: Developing Data Protection Legislation after Mass Cybersecurity Breaches


Kuhn, McKenzie L., Iowa Law Review


I. Introduction

Have you ever searched your name on Google and immediately found your phone number and home address on the very first page? Have you noticed that as you scroll on Facebook, the ads you see are tailored to your favorite stores and items? Have you ever wondered why certain apps on your phone track your GPS location, even when the app is not in use? Have you questioned whom your email address will be shared with when you sign up for a coupon on a store's website? Consumers are beginning to ask these questions in light of recent mass data breaches, like UnderArmour's "MyFitnessPal" in 2018, Equifax in 2017, LinkedIn and Yahoo in 2016, and eBay in 2014, which affected hundreds of millions of Americans. 1

Technology has enabled phones, smart watches, and computers to recognize an individual's face and voice, to track a person's average heart rate and hours of sleep, or even to collect internet search history, financial information, and sensitive medical history.2 Additionally, 70% of smartphone apps share the personal information they collect with third-party companies such as Google Analytics and Facebook Graph API.3 Data collection gives companies the power to tailor their products and services to specific individuals. For example, Cambridge Analytica collected the private information from more than 50 million Facebook users in order to identify American voter personalities and sway their behavior in the 2016 Presidential election.4 Of the 50 million individual accounts harvested, only 270,000 Facebook users consented to having their data collected, after being told it was to be used solely for academic purposes.5 While the mass collection of individuals' data is helpful for businesses and some consumers, the problem arises when businesses invade the privacy of individuals by storing and, sometimes, losing their information, exposing those consumers to harm.6

While other countries have extensive data protection laws to protect consumers' personal information, the United States lacks universal, federal data protection laws.7 Instead of calling for a law that would protect consumers from the progression of technology and globalization, many companies are actively lobbying against U.S. data protection legislation.8 Equifax, a company that suffered a data breach that affected over 147 million Americans in 2017,9 has spent millions lobbying in Congress against such protections.10 Many states have attempted to fill the void of data protection laws by passing their own laws; however, large companies that rely on the collection of consumer data for revenue have thwarted these efforts by urging state legislatures to vote against such data protections.11

As a result of the growing data protection problem, this Note argues Congress should implement data protection legislation to keep up with the rapidly advancing impact of technology on society and to protect consumers' privacy. First, in Part II, this Note compares the vastly different legal frameworks for data protection between the United States and the European Union ("EU"). Section II.A explores the current U.S. data protection framework, made up of sector-specific federal laws and state data protection laws. Section II.B discusses the development of data protection laws in the EU and contrasts its uniform regulatory framework with the U.S. approach. Finally, Section II.C provides a background on the General Data Protection Regulation ("GDPR"), which is a comprehensive data protection law passed by the European Parliament that will significantly affect how U.S. businesses collect the personal information of EU citizens. The GDPR establishes several rights for EU citizens regarding the right to control the processing of their personal information, such as the right to informed consent and the right to be forgotten.12 When drafting a federal data protection law, Congress should use provisions of the GDPR as examples of the rights and critical protections that consumers need in order to be effectively protected from future mass data breaches. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

147 Million Social Security Numbers for Sale: Developing Data Protection Legislation after Mass Cybersecurity Breaches
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.