Sen. Warner Seeks FTC Investigation of Equifax

Virginia Democrat has bunch of questions about breach that he says need answering

WASHINGTON — In the latest in a veritable parade of Equifax breach-related actions, Sen. Mark Warner (D-Va.) has asked the Federal Trade Commission to investigate what he calls a "lapse" in the credit reporting firm’s cybersecurity practices.

Warner’s request was the latest response to Equifax’s revelation last week that there had been a cybersecurity breach that potentially compromised the data of 143 million Americans.

“The American people deserve to know that their government is serious about learning from and responding to this truly concerning incident, and that it is taking all appropriate steps to help ensure it cannot happen again,” Warner wrote in a letter Wednesday (Sept. 13) to acting FTC chair Maureen Ohlhausen.

Warner is co-founder of the bipartisan Senate Cybersecurity Caucus.

The senator wants answers to a host of questions from the FTC, including whether the agency has any remedies under a current consent decree with Equifax over violations of the Fair Credit Reporting Act; whether Congress should limit the ability of credit reporting agencies to sell data outside “specific contexts;” whether the FTC holds lapses in data security in response to a breach to a higher standard than breach-related lapses; and whether there are even adequate incentives or penalties to deter unreasonable practices.

The FTC has recently cited various data privacy cases and settlements to suggest it is capable of handling oversight of broadband privacy, particularly if, as expected, the Federal Communications Commission returns privacy oversight of internet service providers to the FTC (by reclassifying ISPs as Title I information services under the Communications Act).