Consumers should control the extent to which their personal information may be collected, analyzed, shared, and sold.
Privacy protections should be embedded into products and services.
Organizations (including private companies, nonprofits, and government entities) should clearly communicate:
Policymakers should conduct oversight on data brokers to ensure transparency and accountability.
Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of consumers’ personally identifiable information
Organizations must effectively inform consumers about how their PII is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs.
Federal policymakers should strengthen protections and enforcement against identity theft.
Occupational regulation should enhance consumer health and safety and provide consumers with meaningful benefits.