House Calls For Increased Internet Privacy Protection
House Energy and Commerce Communications Subcommittee Chairman Rick Boucher (D-Va.) plans to introduce a bill to provide Web users greater confidence in how information collected online is stored and used. In a hearing held last month, Boucher focused on pipeline providers, such as AT&T, Comcast and Verizon. The panel discussed whether the government should regulate a filtering technology that Internet firms employ for security reasons. This technology, however, can also be used to target advertising by tracking customers' Internet use and compiling detailed customer profiles without their consent.
Boucher has decided to join forces with Energy and Commerce Consumer Protection Subcommittee Chairman Bobby Rush (D-Ill.), who recently introduced the Data Accountability and Trust Act (H.R. 2221). The Data Accountability and Trust Act, in its proposed form, would preempt state data breach notification laws and require entities that collect personal information to implement certain security policies. Boucher and Rush plan to hold a joint hearing this summer to determine how they can combine their efforts. Google and Yahoo have already expressed an interest in testifying at this joint hearing.
I'm unsure that HR 2221 will pass in it's current state. It appears that this is not the first attempt for DATA (109th Congress 2005-2006, 110th Congress 2007-2008). I'm interested from a legal perspective, how a state such as Montana (where privacy is written into their Constitution) or possibly California could reconcile this forced repeal of security/privacy legislation.
We at the CIPP Guide see the preemption of State's Rights as a very big issue. The patchwork of privacy regulations in the US is not ideal, but having the Federal Government set the high-water mark nationally is not in the best interest of our citizens' privacy or security.