Two More Online Privacy Bills to Hit Congress

edmarkeyAnother do-not-track bill is expected in the U.S. Senate soon, while in the House, representatives have floated a draft bill that would limit data collection from young people. The anticipated legislation adds to what’s becoming a surfeit of privacy bills, some of which take a cue from the Federal Trade Commission’s support for the do-not-track concept.

Senate Commerce Committee Chairman Jay Rockefeller announced today he will offer up a Do-Not-Track Online Act of 2011 next week. That bill would require “online companies to honor consumer choice when consumers do not want anyone to collect information about their online activities,” according to a press release. Like other do-not-track and online privacy related bills pending, the Rockefeller legislation would give the FTC enforcement power to take action against violators.

Rockefeller’s bill would be the second recent privacy bill to come out of the Senate. Last month, Senators John Kerry, a Democrat, and John McCain, a Republican, introduced their “Commercial Privacy Bill of Rights Act of 2011,” intended to addresses online and offline data privacy. That bill would have the FTC develop rules requiring that companies offer consumers “a robust, clear, and conspicuous” opt-out mechanism from use of their personally-identifiable data by third parties “for behavioral advertising or marketing.” Kerry sits on the Senate Commerce Committee along with Rockefeller, a fellow Democrat.

Meanwhile, in the House, two Representatives have floated a new privacy bill aimed at restricting collection of young people’s data. The FTC plays a key role in the Do Not Track Kids Act of 2011, which takes the form of a proposed amendment to the Children’s Online Privacy Protection Act of 1998. The amendment has been offered as a bipartisan discussion draft by Representatives Ed Markey (pictured) of Massachusetts – a Democrat – and Joe Barton of Texas – a Republican. The Barton/Markey draft would prohibit operators of websites, or mobile or web apps aimed at children or minors from compiling or disclosing their personal data to third parties for targeted marketing purposes. It would also establish a “Marketing Bill of Rights for Teens” in order to ensure that site and app operators “do not subject minors to unfair and deceptive surveillance, data collection, or behavioral profiling.” Both Markey and Barton sit on the House Energy and Commerce Committee.

For those keeping score, three privacy related bills have been officially introduced in the House, along with one in the Senate. If both Rockefeller’s Senate bill and Markey/Barton’s kids privacy bill in the House are officially introduced as anticipated, the total will come to six.

The Markey/Barton Do Not Track Kids draft gives the FTC the ability to create regulations requiring site and app operators to provide “clear and conspicuous” explanation of the types of personal data they collect, how it is employed, and if it is disclosed to other parties. It also deals with location data, proposing that site and app operators cannot collect such data from children without parental consent. Minors, by which the bill appears to refer to older minors who are not yet 17, would need to provide express consent before their location data is collected. The draft would have the FTC craft regulations requiring clear and conspicuous notice of collection of location data and usage.

During a joint House Subcommittee hearing held about a year ago, Markey indicated he believes new rules should be put in place also to protect adult consumer privacy where location-based data is concerned. Using the example of playing hooky to attend a New England Patriots/Carolina Panthers game and being caught when geographic data gives away his true location, Markey stated, “If it inhibits the business plans of a few software or telecommunications companies that’s tough luck.”

In April, Florida Republican Cliff Stearns and Utah Democrat Jim Matheson introduced a bipartisan privacy bill in the House. The “Consumer Privacy Protection Act of 2011,” uses as a template a bill introduced by Stearns in March 2005. That bill is perhaps the most industry-friendly of the privacy bills introduced in the House and Senate thus far, in part because it relies on privacy policies to alert consumers to data collection and usage, rather than requiring a more clear and conspicuous mechanism for opting out from such collection and usage.

The first of the recently introduced privacy bills came from Rep. Bobby Rush, an Illinois Democrat, who re-introduced the comprehensive privacy legislation in February. Soon thereafter, Rep. Jackie Speier, a California Democrat, proposed her “Do Not Track Me Online Act of 2011,” which calls for the FTC to establish regulations regarding collection and use of online behavioral and personal data. Like the Rush bill, it looks to the commission to determine standards for “an online opt-out mechanism.”

Related reading