Tag Archives: Congress

Department of Commerce Official Asks Congress to Enact “Privacy Bill of Rights”

Posted on March 16, 2011 by Hunton & Williams LLP

On March 16, 2011, U.S. Department of Commerce Assistant Secretary for Communications and Information Lawrence Strickling called on Congress to enact robust, baseline legislation to “reform consumer data privacy in the Internet economy.” Speaking before the U.S. Senate Committee on Commerce, Science and Transportation, Assistant Secretary Strickling emphasized the Department of Commerce’s support for a legislative proposal that would adopt many of the recommendations of the “Green Paper,” a Department report authored last December. Continue reading…

Tags: , , , , , , , , ,

Congressman Stearns Discusses Upcoming Privacy Legislation

Posted on March 7, 2011 by Hunton & Williams LLP

On March 4, 2011, Congressman Cliff Stearns (R-FL) announced plans to introduce new online privacy legislation. The proposed bill is based on legislation Stearns drafted in 2005, the Consumer Privacy Protection Act, which was not reported out of committee. While speaking at a Technology Policy Institute event, “Online Privacy After the DOC and FTC Reports,” Stearns stressed that this new legislation would seek to balance “privacy with innovation,” protecting the interests of both businesses and their online customers.

According to Stearns, “[t]he goal of the legislation is to empower consumers to make their own privacy choices.” The proposed law would require that entities “provide consumers in clear and easy to understand language what information is being collected and how the information is being used.” As we previously reported, Stearns, along with former Congressman Rick Boucher (D-VA), introduced a bill last year aimed at protecting personal privacy.

View Congressman Stearns’ press release.

Tags: , , , ,

President Obama Signs Red Flag Program Clarification Act

Posted on December 20, 2010 by Hunton & Williams LLP

On December 18, 2010, President Obama signed into law the “Red Flag Program Clarification Act of 2010” (S.3987), which amends the Fair Credit Reporting Act with respect to the applicability of identity theft guidelines to creditors.  The law limits the scope of the Federal Trade Commission’s Identity Theft Red Flags Rule (“Red Flags Rule”), which requires “creditors” and “financial institutions” that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities that indicate possible identity theft.

Continue reading…

Tags: , , , , , ,

House Approves Social Security Number Protection Act

Posted on December 9, 2010 by Hunton & Williams LLP

On December 8, 2010, the U.S. House of Representatives approved the Social Security Number Protection Act of 2010 (S. 3789), which is aimed at reducing identity theft by limiting access to Social Security numbers.  The bill prohibits printing Social Security numbers, or any derivative of a Social Security number, on government-issued checks, and bars federal, state and local government entities from employing prisoners in jobs that would allow them to access Social Security numbers.  Although there are numerous state laws on the books to safeguard Social Security numbers, the Social Security Number Protection Act will provide federal coverage.  The bill was introduced by Senators Dianne Feinstein (D-CA) and Judd Gregg (R-NH) and passed in the Senate by unanimous consent on September 28, 2010.  It is now headed for signature by President Obama.

Tags: , , , ,

Senate Passes Bill to Limit Red Flags Rule Scope

Posted on December 3, 2010 by Hunton & Williams LLP

The “Red Flag Program Clarification Act of 2010” (S. 3987) has passed the Senate.  The legislation would limit the scope of the Red Flags Rule, which requires certain “creditors” to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities that indicate possible identity theft.  The new legislation would exclude from the definition of “creditor” certain entities that “[advance] funds on behalf of a person for expenses incidental to a service provided by the creditor to that person.”  As we previously reported, companion legislation has been introduced in the House of Representatives.

Tags: , , ,

House Bill to Limit Scope of Red Flags Rule with Amended “Creditor” Definition

Posted on November 19, 2010 by Hunton & Williams LLP

On November 17, 2010, Representative John Adler (D-NJ) introduced the Red Flag Program Clarification Act of 2010 (H.R. 6420) to “amend the Fair Credit Reporting Act with respect to the applicability of identity theft guidelines to creditors.”  The bipartisan bill seeks to limit the scope of the FTC’s Identity Theft Red Flags Rule, which requires “creditors” and “financial institutions” that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities that indicate possible identity theft.

Continue reading…

Tags: , , ,

Key Voice on Privacy Issues Loses Congressional Reelection Bid While Another Joins the Senate

Posted on November 3, 2010 by Hunton & Williams LLP

Representative Rick Boucher (D-VA), current head of the House Subcommittee on Communications, Technology and the Internet, lost his reelection bid yesterday to Republican Morgan Griffith, the Majority Leader of the Virginia House of Delegates.  Representative Boucher, widely recognized and respected for his legislative efforts in the areas of technology, telecommunications and privacy law, co-authored the CAN-SPAM Act and also introduced draft privacy legislation earlier this year.  Congressman Boucher’s defeat leaves the House Subcommittee on Communications, Technology and the Internet panel without its top Democrat, and it is unclear who will fill that leadership vacancy. Continue reading…

Tags: , , , , , , , , , , ,

Updates on Federal Cybersecurity Legislation

Posted on September 10, 2010 by Hunton & Williams LLP

The United States Congress is currently considering several bills addressing cybersecurity issues.  Below are brief summaries of four such bills.

The Grid Reliability and Infrastructure Defense (“GRID”) Act

The GRID Act was passed by the House of Representatives on June 9, 2010.  This bill would amend the Federal Power Act to grant the Federal Energy Regulatory Commission (“FERC”) authority to issue emergency orders requiring critical infrastructure facility operators to take actions necessary to protect the bulk power system.  Prior to FERC issuing such an order, the President would have to issue a written directive to FERC identifying an imminent threat to the nation’s electric grid.  FERC would be required to consult with federal agencies or facility operators before issuing an emergency order only “to the extent practicable” in light of the nature of the threat.  The GRID Act is being considered by the Senate Committee on Energy and Natural Resources at this time.

Continue reading…

Tags: , , , , ,

Sweeping Privacy Legislation Would Include Private Right of Action

Posted on July 20, 2010 by Hunton & Williams LLP

On July 19, 2010, Representative Bobby Rush (D-Ill.) introduced a bill "to foster transparency about the commercial use of personal information" and "provide consumers with meaningful choice about the collection, use and disclosure of such information."  The bill, cleverly nicknamed the "BEST PRACTICES Act", presumably intends to set the standards for the use of consumer personal information by marketers.  A similar bill was introduced by Representatives Boucher and Stearns in early May.  Although both proposals would require opt-out consent for online behavioral advertising and express, affirmative consent for the collection or sharing of sensitive information, Rush’s bill has a broader definition of "sensitive information" and includes several other key differences.  Perhaps most notably, unlike the earlier draft legislation, Rush’s bill features a private right of action that would allow individuals to sue companies that violate the law for up to $1,000 in actual damages, plus punitive damages and costs and attorney’s fees.  The bill contains a safe harbor from the private right of action for companies that participate in, and comply with, a self-regulatory "Choice Program" approved by the FTC.  In addition, the bill excludes from its definition of "covered information" any information collected from or about an employee by an employer "that directly relates to the employee-employer relationship."  A hearing on the proposed bill will be held on Thursday July 22, 2010.

Read the text of the bill

Tags: , , , , ,

FTC Further Extends Enforcement Deadline for Red Flags Rule

Posted on May 28, 2010 by Hunton & Williams LLP

On May 28, 2010, the FTC announced that it would again delay enforcement of the Identity Theft Red Flags Rule.  This is the fifth time the Commission has announced an extension of the enforcement deadline, after most recently extending the deadline to June 1, 2010.  The Red Flags Rule requires “creditors” and “financial institutions” that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities – known as “red flags” – that could indicate identity theft.  The enforcement date is now December 31, 2010, for creditors and financial institutions subject to FTC jurisdiction.  The FTC stated that the delay had been requested by members of Congress who are currently considering a bill that would limit the rule’s scope.  If Congress passes legislation limiting the scope of the Red Flags Rule with an effective date earlier than December 31, 2010, the FTC will begin enforcement as of that effective date.

Please refer to our previous post regarding other developments that may limit the Red Flags Rule’s application.

Tags: , ,