Privacy Legislation in the 115 th Congress Privacy issues have been extremely active in recent years. In past Congresses, numerous privacy bills have been introduced on a bipartisan basis. In the Senate, Senators Dianne Feinstein (D- CA) and Richard Shelby (R-AL) have long called for wide-ranging privacy legislation. In the House, former Energy and Commerce Committee Chairman Joe Barton (R-TX) has strong views on this issue. In recent years, legislation has transitioned from general privacy issues to more specific issues such as data security and behavioral advertising. The FTC is also active in this area. It recently urged action on behavioral advertising practices. ANA has met frequently with the FTC to urge self-regulation and enforcement of existing laws and regulations rather than the enactment of new laws. We have developed a self-regulatory program for online behavioral advertising, the Digital Advertising Alliance (DAA), which promotes transparency, notice and choice for consumers. More information on the program can be viewed at http://www.aboutads.info. Senate S. 88 Developing Innovation and Growing the Internet of Things Act (DIGIT Act) Fischer This bill requires the Secretary of Commerce to convene a working (R-NE) group of Federal stakeholders to provide recommendations and a report to Congress related to the aspects of the Internet of Things (IoT). It also calls for a steering committee to advise the working group with regard to any Federal regulations, statutes, or programs that are inhibiting the development of the Internet of Things, as well as policies or programs that promote or are related to the privacy of individuals affected by the Internet of Things, may enhance the security of the Internet of Things, or may protect users of the Internet of Things. Booker (D-NJ) Gardner (R-CO) Schatz (D-HI) 1.10.2017: Bill Introduced 1.10.2017: Referred to the Committee on Commerce, Science, and 1.24.2017: Committee on Commerce, Science, and : Ordered to be reported without amendment favorably Related Bill: H.R. 686 (Rep. Paulsen) S. 395 Geolocational Privacy and Surveillance Act (GPS Act) Wyden This bill would prohibit the interception, disclosure and use of (D-OR) geolocation information (information concerning the location of a wireless device) pertaining to another person. There are exceptions for information acquired in the normal course of business, information acquired with prior consumer consent, for emergency information.
Provisions are included for recovery of civil damages up to $10,000 and criminal penalties including imprisonment up to five years. None 2.15.2017: Bill Introduced 2.15.2017: Referred to the Committee on the Judiciary Related Bill: H.R. 1062 (Rep. Chaffetz) Bill Number S.J. Res 34 Sponsor Flake (R-AZ) Bill Title A joint resolution providing for congressional disapproval under chapter 8 of title 5, United States Code, of the rule submitted by the Federal Communications Commission relating to "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services" Description This resolution indicates congressional disapproval of the privacy rules for internet service providers issues by the Federal Communications Commission under the Open Internet Order. 24 3.7.2017: Resolution Introduced 3.7.2017: Referred to the Committee on Commerce, Science, and 3.15.2017: Senate Committee on Commerce, Science, and discharged by petition pursuant to 5 USC 802(c); placed on Senate Legislative Calendar under General Orders. Calendar No. 16 3.23.2017: Passed/agreed to in Senate without amendment by yeanay vote 50-48 3.28.2017: Passed/agreed to in House, on passage by the yeas and nays 215-205 3.30.2017: Presented to President 4.3.2017: Signed by President. Became Public Law No. 115-22 Related Resolution: H.J. Res 86 (Rep. Blackburn) S. 878 A bill to establish privacy protections for customers of broadband Internet access service and other telecommunications services. Markey This bill requires the FTC to establish rules requiring notice regarding (D-MA) the collection, use, and sharing of customer proprietary information by broadband internet service providers, including: the types of information collection, specifying how and for what purpose the ISP uses and shares the information, and identifying who the information might be shared with. Notice must be provided at point of sale or when a material change to privacy policy is made. Opt-in consent must be provided to share sensitive customer proprietary information (defined as financial and health information, information pertaining to children, Social Security numbers, geolocation information, content of
Blumenthal (D-CT) Warren (D-MA) Sanders (I-VT) Merkley (D-OR) Heinrich (D-NM) Udall (D-NM) Leahy (D-VT) Baldwin (D-WI) Van Hollen (D-MD) Franken (D-MN) communications, call detail information, and browser and app usage history). ISPs are prevented from denying service to a customer who refuses to give consent and requires them to develop data saucily practices and notice to consumers in the event of a breach 4.6.2017: Bill Introduced 4.6.2017: Referred to the Committee on Commerce, Science, and House of Representatives H.R. 135 Cyber Privacy Fortification Act of 2017 Conyers This bill imposes criminal and civil penalties for the intentional failure (D-MI/13) to provide notice of a security breach involving sensitive personally identifiable information (including name and address in combination with: a full Social Security number or other federal or state identification number, mother s maiden name and date or birth or biometric data; or a financial account number or credit/debit card number along with access code). Enforcement is shared by the Justice Department and state attorneys general. Fines of up to $500,000 can be imposed (and up to $1,000,000 for intentional disclosures) and injunctive relief may be sought. Johnson (D-GA/4) 1.3.2017: Bill Introduced 1.3.2017: Referred to the House Committee on the Judiciary 1.12.2017: Referred to Subcommittee on Crime, Terrorism, Homeland Security and Investigations 1.12.2017: Referred to the Subcommittee on Regulatory Reform, Commercial and Antitrust Law Bill Number H.R. 686 Sponsor Paulsen (R-MN/3) Bill Title Developing Innovation and Growing the Internet of Things Act (DIGIT Act) Description This bill requires the Secretary of Commerce to convene a working group of Federal stakeholders to provide recommendations and a report to Congress related to the aspects of the Internet of Things (IoT). It
Welch (D-VT/AL) Meehan (R-PA/7) Gabbard (D-HI/2) also calls for a steering committee to advise the working group with regard to any Federal regulations, statutes, or programs that are inhibiting the development of the Internet of Things, as well as policies or programs that promote or are related to the privacy of individuals affected by the Internet of Things, may enhance the security of the Internet of Things, or may protect users of the Internet of Things. 1.24.2017: Bill Introduced 1.24.2017: Referred to the House Committee on Energy and Commerce Related Bill: S. 88 (Sen. Fischer) H.R. 1062 Geolocational Privacy and Surveillance Act (GPS Act) Chaffetz This bill would prohibit the interception, disclosure and use of (R-UT/3) geolocation information (information concerning the location of a wireless device) pertaining to another person. There are exceptions for information acquired in the normal course of business, information acquired with prior consumer consent, for emergency information. Provisions are included for recovery of civil damages up to $10,000 and criminal penalties including imprisonment up to five years. Conyers (D-MI/13) Poe (R-TX/2) Lynch (D-MA/8) Welch (D-VT/AL) Labrador (R-ID/1) Jordan (R-OH/4) Issa (R-CA/49) 2.15.2017: Bill Introduced 2.15.2017: Referred to the Committee on the Judiciary, and in addition to the Committee on Intelligence (Permanent Select), for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned. 3.6.2017: Referred to the Subcommittee on Crime, Terrorism, Homeland Security, and Investigations (Judiciary) Related Bill: S. 395 (Sen. Wyden) H.J. Res. 86 A joint resolution providing for congressional disapproval under chapter 8 of title 5, United States Code, of the rule submitted by the Federal Communications Commission relating to "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services" Blackburn (R-TN/7) This resolution indicates congressional disapproval of the privacy rules for internet service providers issues by the Federal Communications Commission under the Open Internet Order. 16 3.8.2017: Introduced in House 3.8.2017: Referred to House Committee on Energy and Commerce
3.10.2017: Referred to Subcommittee on Communications and Technology Related Resolution: S.J. Res 34 (Sen. Flake) see this resolution for further action H.R. 1868 Restoring American Privacy Act of 2017 Rosen (D-NV/3) This bill would subject broadband internet service providers to the privacy rules adopted by the Federal Communications Commission on October 27, 2016. Pallone (D-NJ/6) Doyle (D-PA/14) Capuano (D-MA/7) Kuster (D-NH/2) 4.4.2017: Introduced in House 4.4.2017: Referred to House Committee on Energy and Commerce