With more and more attention being paid to the issue of privacy and protection of consumer data over the past several months, it is no surprise to see that congress is looking to take some action. US Senators Edward J. Markey (D-Mass) and Richard Blumenthal (D-Conn) have introduced a new bill, which is being called a ‘bill of rights’ for web privacy.
The bill is officially called The Customer Online Notification for Stopping Edge-Provider Network Transgressions Act, or CONSENT for short. It states that the Federal Trade Commission (FTC) will establish specific privacy protections when it comes to sites like Facebook and Google.
These types of online services are known as edge providers, which was defined back in 2014 by the FCC, which stated that an edge provider is any ‘individual or entity that provides any content, application, or service over the Internet, and any individual or entity that provides a device used for accessing any content, application, or service over the Internet.’ While this is pretty vague and could be used to describe most anything on the net today, this bill seems to primarily be focused on major sites, though it could apply to others.
Comparisons of the CONSENT Act and the European GDPR laws are already being made. Specifically this act will require edge providers to obtain opt-in consent from their users when they want to use, share, or sell any personal information. It will also require that they come up with reasonable data security practices, and notify all of their users about any type of collection, use, or sharing of their personal information. Perhaps most importantly, this bill would require these providers to notify users of any security breach that impacted their personal data.
As of now this is just a bill and it is not clear whether or not it will pass. Given the current climate of people complaining about privacy issues and data breaches, however, it seems likely that this bill, or one similar to it, will be passing in the coming months.