McCain, Kerry Introduce Digital Privacy Bill
Senators John McCain (R-Ariz.) and John Kerry (D-Mass.) have introduced a
bill that would “establish a regulatory framework . . . under the aegis of the
Federal Trade Commission [FTC]” to protect personal data online. According
to an April 12, 2011, press release, the Commercial Privacy Bill of Rights aims
to protect consumers from “unscrupulous actors in the market” by creating
“a baseline code of conduct for how personally identifiable information and
information that can uniquely identify an individual or networked device are
used, stored, and distributed.”
To this end, the legislation would require collectors of information, such as online advertisers and vendors, to (i) “implement security measures to protect the information they collect and maintain”; (ii) “provide clear notice to individuals on the collection practices and the purpose for such collection”; and (iii) “collect only as much information as necessary to process or enforce a transaction or deliver a service, but allow for the collection and use of information for research and development to improve the transaction or service and retain it for only a reasonable period of time.” In addition, the bill stipulates that information collectors “must provide the ability for an individual to opt-out of any information collection that is unauthorized by the Act and provide affirmative consent (opt-in) for the collection of sensitive personally identifiable information.”
If adopted, the legislation would direct the FTC and state attorneys general “to
enforce the bill’s provisions,” while allowing regulators to approve voluntary
safe harbor programs that meet the protections specified in the bill. “All of this
information sharing can be good to consumers,” Kerry was quoted as saying.
“The data deluge is worrying at the same time.” See Advertising Age, April 12,
2011.