Kerry and McCain introduce Web privacy bill

Sen. John F. Kerry (D-Mass.) and Sen. John McCain (R-Ariz.) have formulated a draft Internet “privacy” bill that would stipulate “first-time” rules for websites like Facebook and Google.

The two senators claim the bill, like a similar one recently introduced in the House, will help protect Internet users by requiring companies to disclose how personal data is collected, stored and leveraged.

”Consumers want to shop, browse and share information in an environment that is respectful of their personal information,” McCain said at recent news conference.

“Our legislation sets forth a framework for companies to create such an environment and allows businesses to continue to market and advertise to all consumers, including potential customers.”

The legislation is also expected to make it more difficult for websites to target individuals using personally identifiable information and profiles.

For example, if approved, companies would be prevented from collecting names, e-mail addresses and credit-card numbers without specific consent from an individual.

Other information, such as religion, sexual identity and health would remain out of bounds unless the user agreed otherwise.

In addition, web companies would be forced to offer users the ability to opt out of data collection. Failure to comply with the legislation could result in $3 million fines from the FTC.

As expected, the draft Senate legislation received a rather polite welcome from the industry, which spent quite a bit of time lobbying politicians during the bill’s formulation.

“We appreciate that this legislation… allows for flexibility to adapt to changes in technology,” read a joint statement by Intel, Cisco, eBay and Hewlett-Packard. 

“The bill… strikes the appropriate balance by providing businesses with the opportunity to enter into a robust self-regulatory program.”

However, privacy advocate Jeffrey Chester, executive director of the Center for Digital Democracy, believes the bill doesn’t go far enough, as it fails to place limits on how long a company can store data and what can be done with it.

“This doesn’t get us much further from where we are today, which is with no rules,” added Chester.

[Via WaPost]