(Washington) Two influential lawmakers from opposing parties have reached an agreement on legislation intended to strengthen the protection of Americans’ personal data.
The sweeping proposal announced Sunday night would define privacy as a consumer right and create new rules for companies that collect and use personal information. It comes from the offices of Democratic Sen. Maria Cantwell and Republican Rep. Cathy McMorris Rodgers, both of Washington state.
Mme Cantwell chairs the Senate Commerce Committee, while Mr.me McMorris Rodgers leads the House Energy and Commerce Committee. Although the proposal has not been formally introduced and remains in draft form, bipartisan support suggests the bill could receive serious consideration.
Congress has long discussed ways to protect personal data, routinely submitted by Americans to a wide range of companies and services. But partisan controversies over the details doomed previous proposals.
According to a one-page preview published on Sunday, the bill drawn up by Mr.my McMorris Rodgers and Cantwell would strengthen rules requiring consumer consent before a business can collect or transfer certain types of information. Businesses should inform consumers of the details of data collection and retention policies and seek their permission for material changes.
Additionally, companies should ensure that algorithms used to analyze personal data are not biased, and companies that buy and sell personal data should register with the Federal Trade Commission (FTC).
Consumers would also have greater control over how their data is used under the measure. A provision in the proposal would allow consumers to opt out of targeted ads, that is, ads sent to them based on their personal data.
A new office focused on data privacy would be created within the FTC, which would have the power to issue new rules as technology evolves. Enforcement of the law would fall to the FTC as well as state attorneys general.
If adopted, the new standard would preempt most state privacy laws, although it does not impact existing laws in some states that protect financial data, health or employees.