Senators John Kerry (D-Mass.) and John McCain (R-Ariz.) don’t agree on much in the policy arena, except when it comes to protecting online privacy.
The incongruous couple are political bedfellows on a piece of legislation introduced yesterday called The Commercial Privacy Bill of Rights Act of 2011 that seeks to establish a legal framework to prevent the collection, use, and dissemination of U.S. citizens’ personally identifiable information. If it becomes law, the bill would significantly reduce the reach of behaviorally targeted advertising.
Like the actual Bill of Rights, the Kerry-McCain bill lays out a series of inalienable online rights: to “security and accountability,” for those who collect individuals’ data.
Consumers would also win the right to “notice, consent, access, and correction of information” collected by data brokers, who would also face new regulations requiring them to be transparent about what data they collect and why they collect it. Organizations would be required to offer opt-outs to any individuals who don’t want their data collected or their activity tracked. Data brokers would be required to provide “robust and clear” notice to individuals
regarding their right to opt-out of information sharing intended to be
sold to third parties for behavioral advertising. Data collectors would also be required to get consent before collecting personally identifiable information of any kind. Finally, consumers would have the right to view and amend the data that has been compiled about them at any time.
Finally, U.S. citizens would win the right to “data minimization, constraints on distribution, and data integrity,” meaning that collectors of personal information would only be able to collect what is necessary for the delivery of their service.
Within the guideline established by the proposed legislation, companies would still be permitted to collect data and store it for a reasonable amount of time for research purposes. But the Kerry-McCain bill requires that companies establish contracts with third-parties to whom they disseminate information, so as to guarantee that these third-parties act within the bounds of the legislation. They also must establish a mechanism for maintaining information accuracy.
Enforcement would fall under the jurisdiction of the State Attorneys General and the Federal Trade Commission.
For more information you can read the press release in its entirety at John Kerry’s official Senate website.