GDPR Provisions Are Coming to a Privacy Bill Near You

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

U.S. Representative Cathy McMorris Rodgers, the Republican leader of the House Energy and Commerce Committee, and U.S. Representative Gus Bilirakis, the Republican leader for the Consumer Protection and Commerce Subcommittee, have submitted the “Control Our Data Act” bill.

Here are some key points:

Required privacy disclosure, which also needs to include a summary Required notice at collection Consumer rights including: confirmation (that there is data), access (but information only, not specific pieces), correction, deletion, objection to the use of sensitive information Prior express, separate consent for processing of sensitive information Processing of personal information only allowed if one of 5 justifications (similar to the GDPR legal bases) is found Retention limitation- retain only for as long as necessary for the purpose Privacy by design Required risk assessment (DPIA) Requirements for contracts for third party sharing Required measures for information security Data brokers: requirement for privacy notices, periodic audits and central registry FTC to issue regulations and guidance FTC to conduct a study to determine

Read the article