Rep. Suzan DelBene (D-WA)
Rep. Derek Kilmer (D-WA), Rep. Marilyn Strickland (D-WA), Rep. Chrissy Houlahan (D-PA), Rep. Earl Blumenauer (D-OR), Rep. James Himes (D-CT), Rep. Charlie Crist (D-FL), Rep. John Larson (D-CT), Rep. Susan Wild (D-PA), Rep. Ed Perlmutter (D-CO), Rep. Matt Cartwright (D-PA), Rep. Steven Horsford (D-NV), Rep. Ed Case (D-HI), Rep. Tim Ryan (D-OH), Rep. Elissa Slotkin (D-MI), Rep. Kim Schrier (D-WA), Rep. Donald Beyer (D-VA), Rep. Rick Larsen (D-WA), Rep. Jim Costa (D-CA), and Rep. Betty McCollum (D-MN)
The Information Transparency and Personal Data Control Act would provide some privacy protections to all Americans while preventing states from enacting conflicting (and, potentially, stronger) privacy laws. In particular, the bill would require companies to provide their privacy policies in “plain English”; disclose if and with whom they will share users’ personal information and for what purpose; obtain users’ permission before processing their most sensitive personal data; and provide users with the ability to opt-out of the collection, transmission, storage, processing, selling, sharing, or other use of non-sensitive personal information.
The bill also gives the Federal Trade Commission (FTC) the ability to fine “bad actors,” and it empowers state Attorneys General to pursue violations if the FTC chooses not to act — but it doesn’t include a private right of action. Finally, the bill gives the FTC additional resources and rulemaking authority to keep up with evolving digital trends, and it requires large companies to undergo third-party privacy audits every two years.