A press release from EPIC.org:
WASHINGTON D.C. – Nearly half of states that have passed consumer privacy laws get a failing grade for protecting consumers’ data, according to The State of Privacy, an updated scorecard from the Electronic Privacy Information Center (EPIC) and U.S. PIRG Education Fund. Of the 19 states with laws, eight received Fs, and none received an A.
“Many of these ‘privacy laws’ protect privacy in name only,” said Caitriona Fitzgerald, deputy director of EPIC. “In effect, they allow companies to continue hoarding our personal data and using it for whatever purposes they want. Big Tech should not be allowed to write the rules.”
Since 2018, 44 states have considered consumer privacy bills that purportedly aim to protect consumers’ privacy and security. Many of these bills, however, have been heavily influenced by companies such as Amazon, leading to significantly weakened consumer protections across the country. The U.S. currently has no comprehensive federal privacy law.
Tech companies’ harvesting of personal information including demographics and browsing and search history has attracted more attention in recent years. Over 80% of surveyed Americans are concerned how companies collect and use their data.
The more data that companies collect, and the more entities they disclose it to, the more likely it is that that consumers’ information will get exposed in a breach or a hack, making it more likely consumers will become the victim of identity theft or hyper-targeted scams.
“The best way to keep data secure is to not collect it in the first place,” said R.J. Cross, U.S. PIRG Education Fund’s Don’t Sell My Data campaign director. “A law that really protects consumers would minimize the amount of information companies are allowed to collect upfront. Most of the laws on the books don’t do this. Too many of them are a bad deal for consumers.”
While the United States still has a long way to go in ensuring Americans have meaningful privacy protections, some states are making significant progress. Last year, Maryland passed the second-strongest privacy law nationwide. It limits what data companies can collect about consumers, bans the sale of sensitive data, and prohibits targeted advertising to minors.
Other states, including Vermont, Massachusetts, and Maine are considering similarly strong comprehensive consumer privacy legislation this session.
“Grading these laws really makes it clear that they’re almost all copy-and-paste versions of a bill industry originally wrote,” said Kara Williams, Law Fellow at EPIC and report co-author. “It’s encouraging to see states starting to take a different approach, and EPIC hopes to see more states passing stronger privacy laws this year.”
###
About EPIC:
The Electronic Privacy Information Center (EPIC) was established in 1994 to protect privacy, freedom of expression, and democratic values in the information age. Our mission is to secure the fundamental right to privacy in the digital age for all people through advocacy, research, and litigation. Visit epic.org for more information
About U.S. PIRG Education Fund:
U.S. PIRG Education Fund is an independent, non-partisan group that works for consumers and the public interest. Through research, public education and outreach, we serve as the counterweights to the influence of powerful special interests that threaten our health, safety, and wellbeing. For more information about U.S. PIRG Education Fund, please visit www.pirg.org/edfund.
h/t, Risky Biz News