Like Countable?

Install the App

Do We Need a Digital Protection Agency?

by Countable | 3.21.18

What’s the story?

  • In the wake of reports of Cambridge Analytica mining the personal data of 50 million Facebook users, Bloomberg declared: "It’s time for a digital protection agency. It’s clear ethics don’t scale, and it’s not just Facebook’s problem."

Who else’s problem is it?

  • Last year, a hack at the credit reporting agency Equifax exposed the personal and financial data of an estimated 143 million U.S. consumers, leaving half the nation vulnerable to fraud, theft, and various other crimes.

  • Equifax joined a number of other high-profile companies involved in data breaches, including Yahoo! (1 billion affected), Target (110 million), Ashley Madison (32 million), and eBay (145 million).

What’s the proposed solution?

  • Given "that it’s futile to expect reform or self-regulation from internet giants," Paul Ford wrote in Bloomberg, “I’d like to propose something that will seem impossible but I would argue isn’t: Let’s make a digital Environmental Protection Agency.”

  • "Call it the Digital Protection Agency. Its job would be to clean up toxic data spills, educate the public, and calibrate and levy fines."

What would the DPA do?

  • Ford points to an Australian website (, run by a single security expert, that keeps track of 5 billion hacked accounts. "You give it your email, and it tells you if you’ve been found in a data breach. A federal agency could and should do that work, not just one very smart Australian."

  • The DPA website could also be an information hub: "It would have the forms you need to restore your identity, assert that you’d been hacked, and protect yourself."

  • The DPA would rank "banks and services by the number of data breaches they’ve experienced."

  • The DPA would have the power to fine companies. "Consider this from [the companies’] perspective: How much better will it be to have your lawyers negotiate with the DPA’s lawyers instead of being hauled before Congress every time someone blows a whistle on your breaches?"

What do you think?

Does Congress need to create a Digital Protection Agency? Or would this be another example of government overreach and over-regulating? Is there some other way Congress should get involved? Hit Take Action and tell your reps, then share your thoughts below.

—Josh Herman

Related Reading

(Photo Credit: matejmo / iStock)


Written by Countable

Leave a comment