Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsNew Senate Privacy Bill: Own Your Own Data Act Summarized
US Senator John Kennedy (R-LA) introduced a bill called the Own Your Own Data Act into the United States Senate last week. It joins a growing list of other privacy bills under consideration in the House and Senate as Congress considers a new federal privacy law.
The Own Your Own Data Act provides an exclusive property right in the data an individual generates on the internet. Overall, it is a short three page bill that contains only one major section – “Protection of Personal Information Generated on Internet”. The bill does not yet define its target organization, the “social media company”.
What does the Own Your Own Data Act require? In addition to the declaring a property right for an individual’s generated data, it:
– Requires prominent icons to allow users to obtain a copy of their data or export it along with any analysis performed by the social media company.
– Requires users to enter into a licensing agreement during the registration of an account that is written in plain language and allows use of the data by the social media company. The company is required to have an icon that can be clicked to immediately cancel the license agreement.
The law will be enforced by the Federal Trade Commission. The bill gives the FTC authority to promulgate regulations subject to approval by Congress.
The Own Your Own Data Act makes explicit that a user owns their own personal data. However, it does include an explicit right to delete that data. Instead, it asks companies to create a license agreement and allow that individual to revoke the license by clicking an icon. The law does not specify precisely what happens when a user revokes the license, but presumably the social media company would no longer be able to display it online.
The Own Your Own Data Act also does not explicitly require that the information be given in a portable format like the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This certainly is not the new comprehensive federal privacy bill that has been debated over the past year but could be an add on wrapped up in the final legislation if it gains sufficient support. Members of the Senate Commerce Committee have reportedly been working on a bipartisan privacy bill with the goal of releasing it early this year, but it has not been released yet. One sticking point could be federal preemption – which industry has called for to be in any new federal privacy law.
Senator Kennedy previously introduced legislation along with Senator Amy Klobuchar (D-MN) called the Social Media Privacy and Consumer Rights Act. The social media bill was reintroduced into the current session of Congress at the beginning of the year. When we looked at the privacy bill last year, it included among other things a plain language requirement, right of access, opt-out right for data tracking, 72 hour privacy violation notice and a requirement for online platforms to create a privacy program.
Other Relevant Posts:
Proposed Senate Privacy Bill of Rights Act Includes Private Right of Action
Summary of Latest Senate Bill to Amend COPPA
New Federal Privacy Bill: Commercial Facial Recognition Privacy Act
New Senate Privacy Bill: Digital Accountability and Transparency to Advance (DATA) Privacy Act
Privacy Law News: Senate Banking & Commerce Committees, GAO, California Data Dividend
More Resources:
Check out the materials Clarip has gathered on the CCPA and contact us to see a demo of the Clarip privacy management platform used by Fortune 500 clients.
