May 8, 2021

Volume XI, Number 128

Advertisement

May 07, 2021

Subscribe to Latest Legal News and Analysis

May 06, 2021

Subscribe to Latest Legal News and Analysis

May 05, 2021

Subscribe to Latest Legal News and Analysis

New Federal Privacy Bill Introduced – Could 2021 Be the Year?

Bloomberg reported this week that the first comprehensive federal privacy bill of the year was introduced by Representative Suzan DelBene (D-Washington). The bill is known as the Information Transparency and Personal Data Control Act. The key concept of the bill is to protect sensitive personal information, which includes data relating to financial, health, genetic, biometric, geolocation, sexual orientation, citizenship and immigration status, social security numbers, and religious beliefs. This means that companies would need to have opt-in consent from consumers before such sensitive information could be used or disclosed. The bill also provides protections for the information of children under 13 years of age. According to her press materials, Rep. DelBene states that the key elements of the bill are:

  • Plain English: Requires companies to provide their privacy policies in “plain English.”

  • Opt-in: Allows users to “opt-in” before companies can use their most sensitive private information in ways they might not expect.

  • Disclosure: Increases transparency by requiring companies to disclose if and with whom their personal information will be shared and the purpose of sharing the information.

  • Preemption: Creates a unified national standard and avoids a patchwork of different privacy standards by preempting conflicting state laws.

  • Enforcement: Gives the Federal Trade Commission (FTC) strong rulemaking authority to keep up with evolving digital trends and the ability to fine bad actors on the first offense. Empowers state attorneys general to also pursue violations if the FTC chooses not to act.

  • Audits: Establishes strong “privacy hygiene” by requiring companies to submit privacy audits every two (2) years from a neutral third party.

The bill requires that data controllers shall provide users with the ability to opt out atany time for the collection, transmission, storage,  processing, selling, sharing, or other use of non-sensitive personal information, including sharing with third parties. The bill has no private right of action and would increase both the staffing and budget of the Federal Trade Commission. We will continue to monitor this legislation as well as other pending state legislative privacy bills.

Advertisement
Copyright © 2021 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 70
Advertisement
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Deborah A. George, Robinson Cole, Cybersecurity lawyer
Counsel

Deborah George is a member of the firm’s Business Litigation Group as well as its Data Privacy + Cybersecurity Team.

Deb advises clients on and focuses her practice on data privacy and security, cybersecurity, and compliance with related state and federal laws. She also has experience providing counsel in civil litigation and employment law matters.  She has significant experience offering advice and counsel on legal issues related to human services agencies, including Medicaid, as well as  drafting and reviewing contracts, business associate agreements, and data use agreements. ...

401.709.3363
Advertisement
Advertisement