U.S. Representatives Rick Boucher and Cliff Stearns released their draft legislation today that tackles online privacy issues. ReadWriteWeb covered the announcement of its release yesterday.
The discussion draft of the legislation sets up requirements for Internet companies and online ad networks that include “conspicuous” notice of information capture, initial user opt-in on all such collection and user opt-out afterward.
The focus of the legislation is on identifiers, such as full name, social security number, telephone number, bank account number, biometric data and so on. But it also includes information such as “persistent unique identifier” from ISP address to online nickname.
“A covered entity may not sell, share, or otherwise disclose covered information to an unaffiliated party without first obtaining the express affirmative consent of the individual to whom the covered information relates.”
The legislation also makes the “covered entity” responsibly for guaranteeing the safety and security of the information they gather.
Some types of information are exempt from these rules.
“No consent is required to collect and use operational or transactional data–the routine web logs or session cookies that are necessary for the functioning of the website–or to use aggregate data or data that has been rendered anonymous.”
To ensure the law would not be toothless, the legislation brings in a regulatory body.
“The Federal Trade Commission would adopt rules to implement and enforce the measure. States may also enforce the FTC’s rules through State attorneys general or State consumer protection agencies.”
Bottom photo by umjanedoan
