Top 10 Privacy Issues for 2011
Social media and location-based technologies top the list of concerns.
Days after Sens. John McCain (R-Ariz.) and John Kerry (D-Mass.) introduced the Commercial Privacy Bill of Rights Act of 2011, I had a chance to speak with Reed Smith privacy and data security attorney Amy Mushahwar to get the details on what the bill includes, what it does not include and what it will mean for state privacy legislation.
According to a client alert, among other things, the proposed legislation would require covered entities to provide their customers with "clear, concise and timely notice" of the entity's privacy policies and practices regarding the collection, use and distribution of personally identifiable information, as well as the reasons behind those practices. They must also allow customers a choice regarding how or even if their data is collected, used, stored or distributed according to the stated practices.
The bill also contemplates including unique identifiers like IP addresses within the definition of protected information, Mushahwar told me. Though the concept is not new-it has appeared before in FTC staff guidance, she said-the McCain-Kerry bill is the first piece of legislation that, if passed, would classify IP addresses as protected.
It's a sexy topic, and it's something that is tangible for consumers given the success of do-not-call. On top of that, a Democratic legislator in California just introduced a do-not-track law for the state.
And because websites are 24/7 endeavors that operate on a global scale, state privacy laws like the proposal in California can become mandates that are like national laws simply because everyone has to make their websites comply with those laws. Mushahwar said:
Most website operators do not have the ability to screen out California (or any other state's residents for that matter), so compliance with privacy laws in all 50 states, to the extent feasible, is the standard.
Of course, if the McCain-Kerry bill passes, it could look quite different than the proposals that are currently before Congress. But these are the things companies that would be subject to the new law need to be contemplating in the meantime.