President Barack Obama has put out for discussion a draft of the Consumer Privacy Bill of Rights Act.
The Act would:
- require compliance with fair information practice principles, which set out the legal obligations for the covered entities when collecting, creating, processing, using or disclosing personal data
- require that data security measures are reasonable in light of the “privacy risks”, defined as those risks that cause emotional distress or physical, financial or professional harm to the consumer
- impose civil penalties up to US$25 million, and
- provide a safe harbour for those entities that adhere to codes of conduct approved by the Federal Trade Commission.
Link: Discussion draft of Consumer Privacy Bill of Rights Act