Information Transparency & Personal Data Control Act
Bill journey · stage 2 of 5
Under committee review
What it doesSummary introduced in house (Mar 11, 2021)
Information Transparency & Personal Data Control Act
This bill requires the Federal Trade Commission (FTC) to establish requirements for certain entities when they collect, transmit, store, process, use, or otherwise control sensitive personal information. Information relating to an identifiable individual is generally considered sensitive personal information. However, information that is publicly available is not considered sensitive.
Specifically, these entities must (1) obtain affirmative consent from users for functionality related to the disclosure of sensitive personal information, (2) publish a privacy and data use policy that is readily understandable, (3) provide users the ability to opt-out of the sharing of their nonsensitive information, and (4) obtain at least once every two years a privacy audit that evaluates the sufficiency of the entity's data privacy and security controls. These requirements do not apply to the collection or sharing of sensitive or nonsensitive personal information for certain purposes such as detecting fraud or identity theft.
The bill provides authority for the FTC and state attorneys general to enforce these requirements.
Additionally, the FTC must hire 500 new employees to focus on privacy and data security.
What just happenedMar 12, 2021
Referred to the Subcommittee on Consumer Protection and Commerce.
Who’s behind it
- Introduced in HouseMar 11, 2021
- Mar 12, 2021Committee
Referred to the Subcommittee on Consumer Protection and Commerce.
Innovation, Data, and Commerce Subcommittee - Mar 11, 2021IntroReferralH11100
Referred to the House Committee on Energy and Commerce.
Energy and Commerce Committee - Mar 11, 2021IntroReferralIntro-H
Introduced in House
- Mar 11, 2021IntroReferral1000
Introduced in House