Dems call for more action on Equifax hack

Dems call for more action on Equifax hack
© Getty

The Capitol Hill outrage over the massive Equifax data breach has returned, with Democrats suspicious that Republicans are delaying efforts to crack down on the credit reporting industry and secure consumer data.

The fresh outcry kicked off last Sunday, when Reuters reported that Mick MulvaneyJohn (Mick) Michael MulvaneyOn The Money: Trump rips Fed over rate hikes | Dems fume as consumer agency pick refuses to discuss border policy | Senate panel clears Trump IRS nominee Trump pick to head watchdog agency is who consumers need Dems fume as Trump's consumer bureau pick refuses to discuss role in border policy MORE, the acting director of the Consumer Financial Protection Bureau (CFPB), had slowed the agency’s investigation into Equifax.

The 2017 breach exposed sensitive information, including Social Security numbers, of 143 million Americans.

A group of 32 Senate Democrats responded to the Reuters report by demanding answers from the agency about the progress of its investigation.

The CFPB declined to comment on the letter, instead pointing to an earlier statement from Mulvaney senior adviser John Czwartacki.

“Acting Director Mulvaney takes data security issues very seriously,” Czwartacki said. “Under his direction, the CFPB is working with our partners across government on Equifax’s data breach and response. We are committed to enforcing the law. As policy, we do not confirm or deny enforcement or supervisory matters.”

Democrats have kept up the heat on Equifax and other credit reporting agencies since the hack, using the breach to call for reforms.

Sen. Elizabeth WarrenElizabeth Ann WarrenOn The Money: Trump 'ready' for tariffs on all 0B in Chinese goods | Trump digs in on Fed criticism | Lawmakers drop plans to challenge Trump ZTE deal On The Money: Trump rips Fed over rate hikes | Dems fume as consumer agency pick refuses to discuss border policy | Senate panel clears Trump IRS nominee Dems fume as Trump's consumer bureau pick refuses to discuss role in border policy MORE (D-Mass.) also released a report this week on the breach, excoriating Equifax for a lack of safeguards and calling on Congress to crack down on credit reporting agencies.

Last month, Warren and Sen. Mark WarnerMark Robert WarnerSenate panel advances Trump IRS nominee Bipartisan bill would bring needed funds to deteriorating National Park Service infrastructure Senate Dems press for info on any deals from Trump-Putin meeting MORE (D-Va.) introduced legislation that would make it easier for the Federal Trade Commission to police credit bureaus’ data security practices.

And in November, Democrats on the Senate Commerce Committee renewed their push for a law requiring companies to notify consumers of data breaches within 30 days of discovering them.

“[The breach] showed how a lack of oversight and accountability from credit reporting companies played a key role in the largest credit consumer data breach in history,” Warner said in a statement to The Hill. “Congress has a responsibility to ensure these companies are collecting and maintaining this data in an appropriate and secure manner, including by adopting effective system and data security safeguards.”

The calls for data breach laws grew in 2017, the same year Uber revealed a data breach a year earlier had compromised information from 57 million users and Yahoo announced that all of its 3 billion user accounts had been compromised in a 2013 breach.

“We've gotta do something to require much more protection for data,” Rep. Jan SchakowskyJanice (Jan) Danoff SchakowskyLawmakers worry about rise in drugged driving 'Paws for Celebration' event brings rescue animals to the Capitol House Dems seek answers from firm led by former Cambridge Analytica employee MORE (Ill.), the ranking Democrat on the House Energy and Commerce consumer protection subcommittee, who introduced her own data breach bill in October. “I just think all of this just spurs on demand for a long-term solution.”

Former Equifax CEO Richard Smith faced four congressional hearings in October, with members of both parties furious about a breach that had exposed sensitive personal data for nearly half the country.

Despite the outrage from lawmakers, though, there’s been little movement in Congress toward cracking down on the industry or improving data security practices.

ADVERTISEMENT
Lisa Gilbert, the vice president of legislative affairs at the left-leaning consumer group Public Citizen, said it’s frustrating to watch the bipartisan fury fade just months after the breach, which she called one of the worst financial scandals since the recession.

“I think it was impossible for members on both sides of the aisle not to be loud and angry” during the hearings, Gilbert said.

She added that the differing views on regulations between Republicans and Democrats have since hampered momentum among lawmakers.

Rep. Greg WaldenGregory (Greg) Paul WaldenDominant internet platforms must disrupt themselves Hammond pardons raise fears of emboldened anti-government extremists Oregon ranchers pardoned by Trump fly home on Pence donor's private jet MORE (R-Ore.), who chairs the House Energy and Commerce Committee and grilled Smith during one of the hearings last year, insists that Congress is still investigating the breach. He told reporters Thursday that data breaches are a sensitive issue for regulators, adding that different areas of the private sector can never agree on where the legal burden to protect data should fall.

“We're trying to get our heads around where the liability properly resides and what can we do that could actually pass,” Walden said.

But Schakowsky suggested that Republicans are dragging their feet in an attempt to appease the private sector.

“I think they're getting pressure from the companies that don't want to do anything more than what they've already been doing,” she said. “We have to stop pretending that this is just going to go away.”