Proposed Law

Officials from both the Federal Trade Commission (FTC) and European Union (EU) recently called for enhancements to the Obama administration’s proposed Consumer Privacy Bill of Rights.

The White House’s
Continue Reading FTC and EU Are Critical of the White House’s Consumer Privacy Bill of Rights

In what amounts to a potential, unprecedented victory for consumers’ right to know how their personal information is used by businesses, the “Right to Know Act of 2013” (AB 1291) made further headway by being re-read and amended a second time on Monday, April 1st. As reported by Ars Technica, the Right to Know Act, which was introduced by California Assembly Member Bonnie Lowenthal, was the result of significant lobbying by the Electronic Frontier Foundation and the American Civil Liberties Union of Northern California.
Continue Reading California Legislature Advances Groundbreaking Privacy “Right to Know Act”

A standing room meeting organized by the Federal Trade Commission (FTC) in Washington on Monday, December 7th, highlighted a crucial divide in the discussion over the regulation of online privacy. The New York Times provides an excellent summary of the mainstream newsworthy aspects of the meeting.

While the take away may be that the FTC is taking a more serious look at online privacy and net neutrality, the reality is that any oversight is not going to happen anytime soon. Not anytime soon as in years, if ever. Policy making as the solution is not going to address any immediate concerns or problems.

What may be of more interest is the deep divide between the parties with a vested interest in the outcome of the discussion, namely, the consumer/consumer advocates and parties making money from information that may one day be regulated.
Continue Reading Online Privacy Regulation Comes Front and Center at FTC, and Will Quickly Fade

Governor Schwarzenegger vetoed the update to California´s landmark privacy protection law (AB 700), known as SB 20, which California’s State Legislature previously approved and we reported about here. SB 20 was proposed by State Senator Joe Simitian (D-Palo Alto).

The Office of Consumer Affairs and Business Regulations (OCABR) proposed revisions to the Massachusetts’ identity theft regulations, which would take effect on March 1, 2010. Citing a desire to undertake data security as “a risk-based approach that is especially important to small businesses that may not handle a lot of personal information about customers,” the OCABR emphasized that a business should assess the size and nature of the business, the kinds of records maintained and the risk of the business as an identity theft target when deciding its policies and procedures to handle personal information.
Continue Reading Identity Theft Regulations in Massachusetts May Get Small Business Friendly

The U.S. House of Representatives, referred to the House Committee on Energy and Commerce on April 30, 2009, continues to debate, revise and take testimony on a major piece of proposed federal legislation regarding privacy, the Data Accountability and Trust Act (H.R. 2221) (“DATA”).
Continue Reading Data Accountability and Trust Act: Federal Breach Notification, Data Security Policies and File Access Addressed

The Cybersecurity Act of 2009 (PDF link), introduced by Senators John Rockefeller (D-W. Va.) and Olympia Snowe (R-Maine), in no April Fool’s joke.  The proposed law would give President Obama have the power to shut down domestic Internet traffic (services, applications and software) during a state of emergency.  The Committee on Commerce, Science and Transportation will take up this proposed law.

The proposed law would create the Office of the National Cybersecurity Advisor, which would be an extension of the executive branch that would have broad power to control and monitor Internet traffic to protect against cybersecurity threats.  Furthermore, the Commerce Department would be given the ability to bypass every existing law regarding privacy, and access any relevant information regarding citizens and businesses use of the Internet while investigating cybersecurity threats (real and perceived).

The proposed law makes no clear indication of what is meant by the phrases “critical information network” or a “cybersecurity emergency,” instead (broadly) leaving that interpretation to the president.  The Secretary of Commerce would have “access to all relevant data concerning [critical] networks without regard to any provision of law, regulation, rule, or policy restricting such access.”

Continue Reading Proposed US Law Would Permit Government to Shut Down the Internet