Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of personal information.
Organizations must effectively inform consumers about how their personal information is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs. Criminal and civil penalties for SSN misuse should be increased.
Federal policymakers should strengthen protections and enforcement against identity theft.
Policymakers should enact consumer protections and should eliminate deceptive practices. Mail solicitations should not appear to come from the government.
States should require that home improvement contractors be licensed, insured, and bonded.
States should require written home improvement contracts and specify required and prohibited contract provisions.
States should put in place criminal and civil penalties.
In general, consumer protection laws and regulations should not preempt the ability of lower levels of government to put in place stronger consumer protections.
Consumers should have access to the full range of legal remedies when they have been harmed (see also Private Enfor