A Hampton Roads legislator is raising concerns about a company he alleges is violating Virginia’s consumer data protection laws. “Everybody ought to be concerned (with data security),” Del. Cliff Hayes, a Chesapeake Democrat, said Thursday.
“We are in the age of artificial intelligence and security breaches, and many people don’t even realize that data is being collected about them online.” The Virginia Consumer Data Protection Act was signed into law in 2021 and took effect last year. Hayes carried the legislation in the House of Delegates.
It allows residents to request to review the data that companies have collected about them, and to opt out of having their data collected or sold. In a May 7 letter addressed to Johnny Ayers, the chief executive officer of Socure, an identity verification company based in Nevada, Hayes asserted that the company is not abiding by these rules, which the company denies. When a consumer submits a request about their data, Hayes said they receive an SMS text that links to a landing page where they are asked to verify their identity.
The page requires consumers to agree to Socure’s Terms of Use before moving forward. “Within the Terms of Use are provisions requiring the consumer to waive his or her rights to future class action lawsuits against Socure, as well as an agreement to binding arbitration,” Hayes wrote. “If the consumer chooses to not agree to Terms of Use, the identity verification process is canceled, thus ending.