0
Data Privacy Act of 2023
12/16/2024, 7:29 PM
Summary of Bill HR 1165
The Data Privacy Act of 2023 aims to establish a comprehensive framework for the collection, use, and sharing of personal data by companies and organizations. It requires these entities to obtain explicit consent from individuals before collecting their personal information and to provide clear and transparent explanations of how this data will be used.
Additionally, the bill includes provisions for individuals to access, correct, and delete their personal data held by companies. It also requires companies to implement strong security measures to protect this data from unauthorized access or breaches. Furthermore, the Data Privacy Act of 2023 establishes a new federal agency, the Data Privacy Commission, to oversee and enforce compliance with the provisions of the bill. This agency will have the authority to investigate complaints, issue fines for non-compliance, and work with other government agencies to ensure the protection of individuals' privacy rights. Overall, the Data Privacy Act of 2023 represents a significant step towards enhancing data privacy protections for individuals in the United States. It seeks to balance the need for companies to collect and use personal data for legitimate purposes with the fundamental right of individuals to control their own information.
Congressional Summary of HR 1165
Data Privacy Act of 2023
This bill addresses the privacy and security of personal information held by financial institutions. The bill expands the application of current protections, it provides individuals with controls for limiting the collection of their information, and it establishes data privacy standards nationwide.
Currently, financial institutions must protect personal information and provide notice about privacy practices. The bill expands personal information protections that currently apply to customers (individuals who have a continuing relationship with a financial institution) to consumers (individuals who have a more limited relationship with a financial institution, such as those who apply for but do not receive a loan). The bill also expands notice requirements to apply to the collection of individual data.
Under the bill, financial institutions must (1) inform individuals for what purpose their data is collected and how the data will be used, and (2) give individuals the opportunity to opt out of data collection. An individual may also end the sharing of the individual's data with third parties, as well as demand the deletion of the individual's data.
The bill also prohibits states from establishing different privacy protections than those at the federal level. Under current law, states are allowed to establish stricter privacy protections.
