Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

After Equifax agreed this week to a landmark settlement with state and federal regulators for its historic 2017 data breach, regulators are hoping that its penalties — which will cost Equifax up to $700 million — are big enough to deter the next firm from allowing the next breach.

Why it matters: There has never before been a breach like Equifax, where enough personal data was pilfered to steal the identity of the majority of U.S. adults. It's a milestone that consumers and regulators alike hope will only happen the once.

By the numbers: The Equifax settlement includes $275 million in penalties to state and federal regulators and up to $425 million to provide protection and reimbursement to consumers harmed in the breach.

Details: The consumer fund — which starts at $300 million, with provision to go up to $425 million as needed — will provide identity theft protection insurance and pay for four years of credit monitoring at all three major credit bureaus along with an additional six at Equifax.

But the fund also contains a unique feature that experts believe could become a new standard in future penalties for breaches. It will reimburse costs of dealing with the breach, like lawyers, out of pocket credit monitoring services and time spent wrangling with the whole ordeal, up to $20,000 per individual.

Stricter than Europe: Penalties under GDPR, Europe's privacy law, are usually portrayed as tougher than those in the U.S. While GDPR didn't take effect until after the Equifax breach, had Equifax spilled personal information on 147 million Europeans, the fine under GDPR would actually be smaller than what the U.S. just dished out.

  • Equifax did not encrypt personal data stolen in the breach, which would have violated GDPR. The penalty for violating GDPR is 2-4 percent of global revenue plus restitution.
  • For Equifax, which made $3.36 billion in revenue in 2017, that's a fine of $67 million. The state and federal regulator penalties for Equifax totaled around $200 million more than that.

The big question: Will this settlement's bite carry over to future breaches?

  • "There’s a real good chance the new reimbursement scheme will be the new standard," said Ken Dort, a data security and privacy attorney at Drinker Biddle.
  • However, experts think some of the high dollar totals may be more a response to alleged egregious mismanagement at Equifax that led to the breach.

The intrigue: It's only a matter of luck that a federal agency was able to dole out a fine for a privacy violation. While the CFPB can penalize financial institutions, no federal agency has the authority to fine most other companies on this issue.

  • Several lawmakers hope to pass legislation giving the Federal Trade Commission this central authority.
  • "Strengthening the FTC by giving it authority would be the strongest deterrent to future breaches," said Terrell McSweeny, a former FTC commissioner who is now an attorney at Covington.

What they're saying: "I expect a good number of lawyers will be using this as a case study for their clients in the future," said Marcus Christian, an attorney in Mayer Brown's cybersecurity practice.

Go deeper: How to file a claim over Equifax's data breach

Go deeper

Updated 3 hours ago - World

Over 3,000 detained in protests across Russia demanding Navalny's release

Russian police officers beat protestesters at a rally against of jailing of oppositon leader Alexei Navalny in Moscow on Saturday. Photo: Mikhail Svetlov/Getty Images

Police in Russia on Saturday arrested more than 3,300 people as protesters nationwide demanded that opposition leader Alexey Navalny be released from jail.

Details: Demonstrations began in the eastern regions of Russia and spread west to more than 60 cities.

Updated 5 hours ago - Politics & Policy

Arizona Republicans censure Cindy McCain and GOP governor

Combination images of Cindy McCain and Gov. Doug Ducey. Photo: FilmMagic/FilmMagic for U.S.VETS/Michael Brochstein/SOPA Images/LightRocket via Getty Images

Arizona Republican Party members voted on Saturday to censure prominent GOP figures Cindy McCain, Gov. Doug Ducey and former Sen. Jeff Flake (R-Ariz.), who've all faced clashes with former President Trump.

Why it matters: Although the resolution is symbolic, this move plus the re-election of the Trump-endorsed Kelli Ward as state GOP chair shows the strong hold the former president has on the party in Arizona, despite President Biden winning the state in the 2020 election.

Updated 8 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Eniola Odetunde/Axios

  1. Health: Most vulnerable Americans aren't getting enough vaccine information — Fauci says Trump administration's lack of facts on COVID "very likely" cost lives.
  2. Education: Schools face an uphill battle to reopen during the pandemic.
  3. Vaccine: Florida requiring proof of residency to get vaccine — CDC extends interval between vaccine doses for exceptional cases.
  4. World: Hong Kong puts tens of thousands on lockdown as cases surge — Pfizer to supply 40 million vaccine doses to lower-income countries — Brazil begins distributing AstraZeneca vaccine.
  5. Sports: 2021 Tokyo Olympics hang in the balance.
  6. 🎧 Podcast: Carbon Health's CEO on unsticking the vaccine bottleneck.