Online Personal Privacy Act

1/16/2023, 12:18 PM

Congressional Summary of S 2201

Online Personal Privacy Act - Title I: Online Privacy Protection - Prohibits an Internet service provider, online service provider, or operator of a commercial website (provider) from collecting or disclosing personally identifiable information (name, address, and phone number) of a user without clear and conspicuous user notice. Requires a provider to: (1) obtain affirmative written or electronic consent to the collection and disclosure of sensitive personally identifiable information (health, race, political party, religious belief, sexual orientation, social security number, or financial information); (2) provide robust notice, in addition to clear and conspicuous notice, of the opportunity to opt-out of the collection or disclosure of personally identifiable information; and (3) notify all users of a change in policy for the collection, use, or disclosure of sensitive or nonsensitive personally identifiable user information. Requires each provider to designate a privacy compliance officer responsible for ensuring compliance with this title and other privacy policies.

(Sec. 104) Provides exceptions to the privacy requirements, including emergency disclosures : (1) that are critical to the life, safety, or health of the user or other individuals; (2) with respect to which obtaining prior consent is not feasible; and (3) that are no greater in scope than is necessary to accomplish the emergency purpose.

(Sec. 105) Requires a provider to: (1) allow reasonable user access to personally identifiable information collected and retained; and (2) establish and maintain procedures to protect the security, confidentiality, and integrity of such information.

Title II: Enforcement - Provides for enforcement of this Act through the Federal Trade Commission (FTC), citing violations as unfair or deceptive acts or practices.

(Sec. 203) Presumes compliance with requirements of this title if a provider: (1) is a participant in a self-regulatory program approved by the FTC; and (2) is deemed by such program to be in full compliance. Provides for FTC approval of such programs that provide the privacy protection required under title I. Requires the FTC, every two years, to reevaluate its approval of each program. Allows for appeal of an FTC decision not to approve a program.

(Sec. 204) Makes this Act inapplicable to a small business that: (1) has annual gross revenue under $1 million; (2) has fewer than 25 employees; (3) collects or uses personally identifiable information from fewer than 1,000 consumers per year for a purpose unrelated to a regular consumer transaction; (4) does not process such collected information; and (5) does not sell or disclose such information for consideration.

(Sec. 205) Authorizes enforcement actions by both private users and States on behalf of their residents. Allows FTC intervention in State actions.

(Sec. 207) Provides whistleblower protections for provider employees.

Title III: Application to Congress and Federal Agencies - Requires the Sergeant at Arms of the United States Senate to develop regulations governing Internet use by Senate officers and employees is accordance with this Act. Applies this Act to each Federal agency that is an Internet or online service provider or that operates a website, except when application would compromise law enforcement activities or investigative, security, or safety operations.

Title IV: Miscellaneous - Provides definitions for purposes of this Act.

(Sec. 403) Requires the FTC to: (1) initiate and complete a rulemaking for implementing this Act; and (2) report to specified congressional committees on its implementation and effectiveness.

(Sec. 405) Amends the National Institute of Standards and Technology Act to direct the National Institute of Standards and Technology to encourage and support the development of computer programs, protocols, or software capable of being installed on computers with Internet access that would automatically execute a program for the protection of personally-identifiable or other sensitive, privacy-related information.

Title V: Offline Privacy - Requires the FTC Chairman to submit to specified congressional committees recommendations and proposed regulations on similar protection standards for entities that collect personally identifiable information using methods or actions that are not covered in this Act.

Read the Full Bill

Formatted TextPDF

Current Status of Bill S 2201

Bill S 2201 is currently in the status of Bill Introduced since April 18, 2002. Bill S 2201 was introduced during Congress 107 and was introduced to the Senate on April 18, 2002.  Bill S 2201's most recent activity was Placed on Senate Legislative Calendar under General Orders. Calendar No. 551. as of August 1, 2002

Bipartisan Support of Bill S 2201

Total Number of Sponsors
1
Democrat Sponsors
1
Republican Sponsors
0
Unaffiliated Sponsors
0
Total Number of Cosponsors
10
Democrat Cosponsors
8
Republican Cosponsors
2
Unaffiliated Cosponsors
0

Policy Area and Potential Impact of Bill S 2201

Primary Policy Focus

Science, Technology, Communications

Potential Impact Areas

Administrative procedureAdministrative remediesAgricultural creditAgriculture and FoodBank recordsBusiness recordsCivil Rights and Liberties, Minority IssuesCivil actions and liabilityCommerceComputer networksComputer security measuresComputer softwareComputers and governmentCongressCongressional employeesCongressional officersCongressional reporting requirementsConsumer educationDamagesDiscrimination in employmentDismissal of employeesElectronic mail systemsFederal Trade CommissionFeesFinance and Financial SectorFines (Penalties)Government Operations and PoliticsGovernment and businessGovernment paperworkIdentification devicesIndependent regulatory commissionsInjunctionsInternetInternet service providersLabor and EmploymentLawLegislationParties to actionsRestrictive trade practicesRight of privacySenateSocial WelfareSocial security numbersTelephoneWeb sitesWhistle blowingWorld Wide Web

Alternate Title(s) of Bill S 2201

Online Personal Privacy ActA bill to protect the online privacy of individuals who use the Internet.Online Personal Privacy ActOnline Personal Privacy ActInternet Users Privacy Protection bill
Start holding our government accountable!

Comments

Sponsors and Cosponsors of S 2201

Ernest F. Hollings
Ernest F. Hollings
South Carolina(Independent)
Robert G. Torricelli
Robert G. Torricelli
New Jersey(Independent)
Ted Stevens
Ted Stevens
Alaska(Independent)
John D. Rockefeller IV
John D. Rockefeller IV
West Virginia(Democrat)
Bill Nelson
Bill Nelson
Florida(Democrat)
John F. Kerry
John F. Kerry
Massachusetts(Democrat)

Latest Bills

AM Radio for Every Vehicle Act of 2025
Bill S 315April 12, 2025
Recovery of Stolen Checks Act
Bill HR 1155April 12, 2025
Strengthening Support for American Manufacturing Act
Bill S 99April 12, 2025
American Music Tourism Act of 2025
Bill S 195April 12, 2025
National Taxpayer Advocate Enhancement Act of 2025
Bill HR 997April 12, 2025
OFAC Licensure for Investigators Act
Bill HR 1450April 12, 2025
Electronic Filing and Payment Fairness Act
Bill HR 1152April 12, 2025
Internal Revenue Service Math and Taxpayer Help Act
Bill HR 998April 12, 2025
Filing Relief for Natural Disasters Act
Bill HR 517April 12, 2025
Authorizing the use of the Capitol Grounds for the National Peace Officers Memorial Service and the National Honor Guard and Pipe Band Exhibition.
Bill HCONRES 9April 12, 2025