On January 12, 2015, President Obama announced his administration’s comprehensive approach to enhance American consumers’ security in light of the ever increasing inter-cyber connectivity of consumers. Among the highlights he noted were certain legislative proposals. These proposals included the following:
Personal Data Notification & Protection Act: This proposal seeks to provide a uniform body of law that sets forth notice requirements for companies to report a data breach to its customers. The proposed time frame for the notice is 30 days from the date of the breach. Presently, numerous states have their own data breach notification laws.
Student Digital Privacy Act: The legislation would proscribe the use of data collected from students in the educational context and limit the use of such information to educational purposes only. It also prevents entities from selling this information or using students’ information for targeted advertising.
Consumer Privacy Bill of Rights: In the next 45 days, this revised draft legislation will be released. It sets forth clear principles relating to the collection of consumers’ data and ensures that consumers’ expectations are met.
Commentators are already calling into question how the federal framework will work with laws that many states already have in place. Of course, there will be no way to fully assess how the two systems will work together until more details are provided about the federal plan. President Obama is expected to discuss these proposals and provide further detail during his upcoming State of the Union address to the nation on January 20, 2015. At this point, the most information we have can be found in a White House Fact Sheet circulated on January 12, 2015.