Consumers should control the extent to which their personal information may be collected, analyzed, shared, scraped, and sold.
Privacy protections should be embedded into products and services.
Organizations (including private companies, nonprofits, and government entities) should clearly communicate:
Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of personal information.
Organizations must effectively inform consumers about how their personal information is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs. Criminal and civil penalties for SSN misuse should be increased.
Federal policymakers should strengthen protections and enforcement against identity theft.
States should require that home improvement contractors be licensed, insured, and bonded.
States should require written home improvement contracts and specify required and prohibited contract provisions.
States should put in place criminal and civil penalties.