Proposed privacy bill mirrors GDPR, adds jail time for lying CEOs

A proposed Senate bill, the Consumer Data Protection Act, aims to enforce privacy rights and impose harsh penalties on companies that violate privacy laws. The bill would require companies generating over $50 in revenue and with personal data on more than one million people to comply with minimum privacy and cybersecurity policies. Companies that fail to comply could face fines of up to 4% of annual gross revenue, and executives who lie on privacy reports or fail to disclose breaches could face 10 to 20 years in prison. The bill also includes provisions for a national “Do Not Track” system.