Washington (April 12, 2019) –Senator Edward J. Markey (D-Mass.), a member of the Senate Commerce, Science and Transportation Committee, today introduced comprehensive federal privacy legislation to protect American consumers’ personal information. The legislation comes in the wake of a series of revelations about myriad companies sharing consumers’ personal information without their consent, as well as unauthorized breaches of the data of hundreds of millions of consumers. Senator Markey’s Privacy Bill of Rights Act establishes rules for both online and offline companies and bans the use of individuals’ personal information for harmful, discriminatory purposes, such as housing and employment advertisements targeted based on demographics like race and gender. It also includes cybersecurity standards and provides the Federal Trade Commission (FTC) with rulemaking authority.
“America’s laws have failed to keep pace with the unprecedented use of consumers’ data and the consistent cadence of breaches and privacy invasions that plague our economy and society,” said Senator Markey. “I have long advocated for privacy protections that include the principles of knowledge, notice and the right to say ‘no’ to companies that want our information. But it is increasingly clear that a true 21st century comprehensive privacy bill must do more than simply enshrine notice and consent standards. That’s why my Privacy Bill of Rights Act puts discriminatory data uses out of bounds and tells companies that they can only collect the information that is necessary to provide the product or service requested by the consumer.”
A copy of the Privacy Bill of Rights Act can be found HERE.
Specifically, the Privacy Bill of Rights Act:
- Prohibits companies from using individuals’ personal information in discriminatory ways
- Requires companies to protect and secure the personal information that they hold
- Establishes a centralized FTC website that tells consumers about their privacy rights and requires companies to use easy to read short-form notices provided directly to consumers
- Ensures companies collect only the information they need from consumers in order to provide the requested services
- Enables State Attorneys General to protect the interest of their residents and bring action against companies that violate the privacy rights of individuals. Individuals will also have a private right of action empowering them to defend their own privacy rights.
“Senator Markey’s Privacy Bill of Rights Act sets a strong, rights-based standard for consumer privacy protection under federal law that goes beyond mere notice and choice,” said Dylan Gilbert, Policy Fellow at Public Knowledge. “The Act provides many good proposals that should be added to any comprehensive vehicle. In particular, Public Knowledge applauds the Act’s data minimization requirements, data use restrictions — including prohibitions on uses that lead to unfair discrimination — and private right of action so that consumers can have their day in court both individually and as a class for violations of their privacy rights.”
“This bill gives people meaningful rights and protections over how companies can obtain and use personal information,” said Gaurav Laroia, Policy Counsel at Free Press Action. “It also prohibits companies from using private data to deny people opportunities in employment, finance, health care, credit, insurance, housing, or education based on characteristics like their race, gender or sexuality. Ending these practices, and giving ordinary people the right to enforce these anti-discrimination rules, is necessary to ensuring that fairness, privacy, and civil rights flourish in the internet age.”
Last month, Senator Markey and Senator Josh Hawley (R-Mo.) introduced legislation to update the Children’s Online Privacy Protection Act (COPPA) by prohibiting internet companies from collecting personal and location information from anyone under 13 without parental consent and from anyone 13- to 15-years old without the user’s consent.
Source: Senator Ed Markey
We need to demand “opt-in” for any tracking.
Opt-out doesn’t protect anyone and nobody should be expected to have a cookie for some tracking company they’ve never heard about.
But if the cookie doesn’t exist, then the person, user, computer, clearly didn’t intend to opt-in.
Simple, clear.
I’m getting ticked off at the sites that now notify you that if you continue using their site that they will take that as opt-in consent.