Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of personal information.
Organizations must effectively inform consumers about how their personal information is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs. Criminal and civil penalties for SSN misuse should be increased.
Federal policymakers should strengthen protections and enforcement against identity theft.
Policymakers and the private sector should enact meaningful rules and standards to provide government oversight and consumer protection against nuisance telemarketing calls and telemarketing fraud.
Consumers should be protected against spam e-mail. Policymakers should prohibit misrepresentation of the sender, subject, or content of an e-mail.
Companies should disclose age data on their workforce and for new hires.
Policymakers and the private sector should ensure that consumers and employees have the right to seek redress through the courts for injury or losses.
Options for alternative dispute resolution (ADR) should be available. These include mediation and arbitration.