A group of Democratic senators announced the latest proposed federal legislation around online privacy intended to give consumers control over their personal data and hold Big Tech accountable to a high standard of data protection.

Senator Maria Cantwell (D-Wash.), along with her colleagues Brian Schatz (D-Hawaii), Amy Klobuchar (D-Minn.), and Ed Markey (D-Mass.), introduced the bill in the Senate on Tuesday. The Consumer Online Privacy Rights Act (COPRA) is intended “to provide consumers with foundational data privacy rights, create strong oversight mechanisms, and establish meaningful enforcement,” the bill states.

“In the growing online world, consumers deserve two things: privacy rights and a strong law to enforce them,” Cantwell said. “They should be like your Miranda rights—clear as a bell as to what they are and what constitutes a violation.”

Under the bill, harmful data practices impacting the privacy of consumers would be clearly prohibited by federal law for the first time. The bill also would create a broad array of privacy rights, including:

  • The right to be free from deceptive and harmful data practices; financial, physical, and reputational injury; and acts that a reasonable person would find intrusive, among others.
  • The right to access data and greater transparency, which means consumers have detailed and clear information on how their data is used and shared.
  • The right to control the movement of data, which gives consumers the ability to prevent data from being distributed to unknown third parties.
  • The right to delete or correct data.
  • The right to take data to a competing product or service.

“Our legislation establishes digital rules of the road for companies, ensures that consumers have the right to access and control how their personal data is being used, and gives the Federal Trade Commission and state attorneys general the tools they need to hold big tech companies accountable. It’s time for Congress to pass comprehensive privacy legislation,” said Klobuchar.

Among other enforcement and accountability measures, the bill would create requirements for senior executives to take responsibility for decisions that impact privacy—and risk penalties when they fall short. The bill would also protect whistleblowers from being punished for bringing privacy violations to light.

The bill would not supersede similar state laws, such as the California Consumer Privacy Act (CCPA) set to take effect Jan. 1, 2020. Such an omission runs counter to the motivation of those in Big Tech that have called on Congress to enact a sweeping federal privacy law instead of abiding by multiple state laws across the country. 

COPRA follows on the heels of a federal privacy bill called the Mind Your Own Business Act proposed by Senator Ronald Wyden (D-Ore.) in October.

Websites

We are not responsible for the content of external sites
Aly McDevitt is Data & Research Journalist at Compliance Week. She has a background in education and college consulting. Prior to teaching, she was an editor/author at Thomson Reuters.

Topics