Legislators Introduce Bipartisan Digital-Privacy Bill That May Not Be Doomed
A new bipartisan privacy bill offers a compromise along the lines of what many tech companies and even some privacy advocates have said we need to get something—anything—out of Congress and into statute: federal privacy protection that preempts most state privacy laws.
The American Data Privacy and Protection Act, announced Friday(Opens in a new window) by Reps. Frank Pallone, Jr. (D-N.J.), Cathy McMorris Rodgers (R-Wash.), and Sen. Roger Wicker, (R-Miss.), remixes many existing concepts and proposals; policy ingredients that other legislators have yet to turn into a recipe that can emerge from the Congressional kitchen.
As covered the bill’s 64-page draft (PDF(Opens in a new window)) and 10-page outline (PDF(Opens in a new window)), it would would require most companies to comply with data-minimization guidelines. That means they can’t collect, process, and hoard a wide variety of personal data—from financial details to stored communications to their activity at social and entertainment sites—for reasons unrelated to providing the product or service they offer.
The bill would apply higher standards to such especially sensitive items as Social Security numbers, geolocation records, biometric information, browsing history, and genetic data, in most cases requiring a person’s upfront permission.
The act would further require companies to operate along privacy-by-design principles and ban them from charging extra for any of the privacy rights granted by the bill. And it would require them to provide clear, plain-language documentation of how they collect, use, and monetize data—something that would be mandated more strictly by a bill announced in January.
The act would then grant customers a variety of opt-out rights,
Read more on pcmag.com
