The Center for Democracy and Technology (CDT), a consumer advocacy group which has received large donations from Apple and Alphabet, has drafted a privacy bill it would like to see made federal law.
The bill would ban the collection of biometric data – like fingerprints and face-recognition data – as well as precise location data unless specifically needed to provide consumers with a service they have chosen to use …
Reuters reports that the CDT has been working on the draft bill for a year.
CDT Chief Executive Nuala O’Connor, who once ran the privacy operations at Amazon.com Inc and General Electric Co, said her organization began meeting with businesses and other privacy advocates a year ago to craft the bill.
The effort accelerated in the spring after Facebook Inc drew political scrutiny for allowing a maker of a quiz app on its service to transfer user data to political consulting firm Cambridge Analytica […]
“It was the tipping point in individual consumers seeing a real big risk,” O’Connor said in an interview. Lawmakers began calling her asking for ideas for legislation, she said.
Update: While the bill calls on tech firms to be fined if they breach the law, the Reuters report suggested that the maximum fine would be just $41,500. This is obviously peanuts to tech giants, which is why Europe’s own privacy law – GDPR – allows for a maximum fine of 4% of a company’s global turnover. However, the CDT advises me that this is not the case, and that it actually calls for fines ‘based on the number of individuals whose personal information was affected by a violation [and] proportionate to the severity of the violation as well as to the size and revenues of the covered entity.’
The CDT isn’t the only body working on a federal privacy bill draft. A US senator recently said that a bipartisan bill could reach draft form early next year.
Concerns about the misuse of personal data have rarely been out of the news for long since the Cambridge Analytica scandal. A recent NY Times piece showed how personally identifiable location data was being passed to as many as 40 different companies, a problem which could be partially alleviated by a new form of privacy protection.
Not all countries are on board, however. Australia recently passed an anti-encryption law designed to help fight criminals and terrorists, but which would threaten the privacy of everyone.