December 03, 2019
Data Care Act will stop websites and apps from using personal data to harm users, protect user information from hacks and hold companies accountable for misuse
[WASHINGTON, DC] – Today, U.S. Senators Tammy
Duckworth (D-IL) and Dick Durbin (D-IL), along with 14 other Senators led by
Senator Brian Schatz (D-HI), reintroduced legislation to protect people’s
personal data online. The Data Care Act would require websites, apps,
and other online providers to take responsible steps to safeguard personal
information and stop the misuse of users’ data.
“Over the past few years, we’ve seen numerous major
hacks or data leaks of private user information from big corporations and it’s
clear that Congress needs to act to protect Americans’ personal data online,”
said Duckworth. “Health professionals and financial advisors have long been
responsible for keeping personal information safe and protected; it’s time we
extend this common-sense principle to websites and online providers. I’m proud
to join Senators Schatz and Durbin in leading the charge on this important
legislation to do that.”
“In the era of ‘big data,’ consumers want to know they
can trust websites and apps with their personal information – and that it won’t
be misused,” said Durbin. “I’m proud to support the Data Care Act to
ensure that online providers are prioritizing data safeguards and locking down
sensitive information while holding violators accountable for abusing users’
Doctors, lawyers and bankers are legally required to
exercise special care to protect their clients and not misuse their
information. While online companies also hold personal and sensitive
information about the people they serve, they are not required to protect
consumers’ data. This leaves users in a vulnerable position; they are expected
to understand the information they give to providers and how it is being used –
an unreasonable expectation for even the most tech-savvy consumer. By
establishing an explicit duty for online providers, Americans can trust that
their online data is protected and used in a responsible way.
Along with Duckworth, Durbin and Schatz, the Data Care
Act is co-sponsored by U.S. Senators Michael Bennet (D-CO), Catherine
Cortez Masto (D-NV), Ed Markey (D-MA), Tammy Baldwin (D-WI), Joe Manchin
(D-WV), Sherrod Brown (D-OH), Cory Booker (D-NJ), Amy Klobuchar (D-MN), Maggie
Hassan (D-NH), Martin Heinrich (D-NM), Patty Murray (D-WA), Bernie Sanders
(I-VT) and Chris Murphy (D-CT).
The Data Care Act establishes reasonable duties
that will require providers to protect user data and will prohibit providers
from using user data to their detriment:
Duty of Care – Must reasonably secure individual
identifying data and promptly inform users of data breaches that involve
Duty of Loyalty – May not use individual
identifying data in ways that harm users;
Duty of Confidentiality – Must ensure that the
duties of care and loyalty extend to third parties when disclosing, selling or
sharing individual identifying data;
Federal and State Enforcement – A violation of
the duties will be treated as a violation of an FTC rule with fine authority.
States may also bring civil enforcement actions, but the FTC can intervene.
States and the FTC may go after both first- and third-party data collectors.
Rulemaking Authority – FTC is granted rulemaking
authority to implement the Act.
Go to Source