` 8 Proposals on Privacy from Draft Senate Policy Paper - Clarip Privacy Blog
ENTERPRISE    |    CONSUMER PRIVACY TIPS    |    DATA BREACHES & ALERTS    |    WHITEPAPERS

8 Proposals on Privacy from Draft Senate Policy Paper

Axios obtained a 23-page draft policy paper from the office of Senator Mark Warner (D-Va.), ranking member on the Senate Intelligence Committee, which discusses problems at Big Tech platforms and potential solutions, including the issue of privacy and data protection. The undated paper is titled: “Potential Policy Proposals for Regulation of Social Media and Technology Firms.”

There are a number of possible proposals considered for privacy law. The draft paper takes a neutral approach summarizing the top arguments for and against them. If this paper is any indication of what other people in the legislative process are doing (i.e., White House), then there is still a lot of work to be done before we can expect Congress to pass a new privacy law.

Here is an overview of some of the major topics:

Information Fiduciaries: One way to handle data protection could be to give certain types of online service providers special duties to respect and protect data. Such businesses might include search engines, social networks, ISPs and cloud computing providers. Fiduciary duties have been established in some areas by tort law, but could also be established statutorily given the extent of user dependence on them.

FTC Rulemaking Authority: The paper highlights that previous efforts to give the Federal Trade Commission rulemaking authority have been defeated despite the fact that many attribute its inability to adequately police data protection and unfair competition. It also notes that the agency’s funding has fallen 5% since 2010 and that more funding is necessary for it to develop the tools needed to evaluate complex algorithmic systems.

lawbooks

GDPR: The European Union law could serve as a model for U.S. action on data protection and privacy regulations with features such as data portability, the right to be forgotten, 72 hour breach notifications, first party consent and other protections. However, there have been significant concerns raised about whether this is the right solution for the United States.

First Party Consent: Because of concerns about third party access and usage of data, the U.S. could move to a system that eliminates data usage without first party consent. However, there are concerns about eliminating the third party data market, imbalances in bargaining power that could be used to obtain consent, manipulation of consent forms and the cost to users about foregoing services to protect privacy.

Dark Patterns: The U.S. could decide to regulate settings intentionally designed to influence users toward taking actions that they would not normally do by skewing user choice toward the default option and minimizing alternative options.

Algorithm Fairness: GDPR provides user rights with regard to automated decision-making. The United States might alternatively set mandatory standards to audit algorithms to evaluate for fairness (eliminating improper reasons for rejecting person covered by program) and for potential hidden bias. Or it could provide other rights such as the sources of data used to make determinations and the ability to correct or amend erroneous data.

Other suggestions implicating privacy considered in the competition portion of the bill were:

Data Transparency: More granular and continuous alerts on how consumer data is being used.

Data Portability: To counteract diminished incentives for consumers to switch to new providers due to lock-in effects.

Here is the link to the full draft.

More from Clarip: – Other Blog Posts on Privacy Bills in the US Senate:

American Data Dissemination Act – Senator Marco Rubio.
Data Care Act – 15 Senate Democrats led by Senator Schatz
Consumer Data Protection Act – Draft by Senator Wyden
Senator Thune Privacy Bill
Social Media Privacy and Consumer Rights Act introduced into Senate
Senate to Consider CONSENT Act for Enhanced Privacy Protections Online
Do Not Track Kids Act Back in Congress

Improve Data Privacy for GDPR or CCPA with Clarip

The Clarip team and privacy management software are ready to meet your compliance automation challenges. Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo or speak to a member of the Clarip team.

If compliance with the California Consumer Privacy Act is your focus until 2020, ask us about our CCPA software. Handle automation of data subject access requests with our DSAR Portal, or provide the right to opt out of the sale of personal information with the consent software.

Need to improve your GDPR compliance solution? Clarip offers modular GDPR software that can fill in gaps in your privacy program. Choose from the data mapping software for an automated solution to understanding your data collection and sharing, conduct privacy risk assessments with DPIA software, or choose the cookie consent manager for ePrivacy.

Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo and speak to a member of the Clarip team.

Contact

  • 1521, Concord Pike, Suite #301,
    Wilmington, DE 19803 USA
  • 20 Montchanin Road, Suite 20,
    Greenville, DE 19807 USA
  • Contact Online

888-252-5653

About

Consumers

Businesses

The pixel
Show Buttons
Hide Buttons