State Government and Internet Privacy Law in Delaware
Del. Code tit. 29 § 9017C et seq. is an internet privacy law that was passed to protect the various forms of personally identifiable information that citizens within the state of Delaware disclose to state agencies and public bodies within the state. With this being said, the law sets forth the responsibilities that state agencies have as it concerns safeguarding the personal data that residents within Delaware submit via government agency websites. Furthermore, the law also outlines the circumstances under which government and state agencies are permitted to disclose the personal information of Delaware residents.
How are state agencies defined under the law?
Under Del. Code tit. 29 § 9017C et seq., a state agency is defined as “any authority, department, instrumentality, commission, officer, board or other unit of the state government authorized by law to make regulations, decide cases or issue licenses. Agency does not include the General Assembly, courts, municipalities, counties, school districts, the University of Delaware, Delaware State University, Delaware Technical and Community College and other political subdivisions, joint state-federal, interstate or intermunicipal authorities and their agencies.” On the other end of the spectrum, the law defines personal information as “any information concerning a natural person which, because of name, number, symbol, mark or other identifier, can be used to identify that natural person.”
What are the duties of state agencies under the law?
Del. Code tit. 29 § 9017C et seq. mandates that state agencies within the state are responsible for developing, implementing, and maintaining a privacy policy that will effectively and efficiently safeguard the personal information of residents within the state of Delaware. This privacy policy must include the following elements:
- A statement detailing the categories of personal information that the agency plans to collect, as well as the intended use for such information.
- The circumstances under which the agency intends to disclose the personal information of Delaware residents, and to whom.
- Whether or not the agency will retain the personal information of the individual, and if so, the period of time under which said data will be retained.
- The procedures that Delaware citizens can follow when looking to access personal information pertaining to them that has been collected by an agency.
- The means or methods that the agency will use to collect personal information from consumers, as well as whether such collection will occur actively or passively.
- Whether the collection of information is mandatory or voluntary, as well as the consequences that can arise from refusing to provide personal information.
What data elements are protected under the law?
The data elements concerning residents within the state of Delaware that are protected by the provisions of Del. Code tit. 29 § 9017C et seq. include but are not limited to:
- Social security numbers.
- Drivers license numbers.
- State identification cards.
- Financial account numbers.
- Passport numbers.
- Online usernames and passwords.
- Email addresses.
- Home addresses.
- Medical history.
- Health insurance policy numbers.
- Individual taxpayer numbers.
- Biometric data.
Online privacy and redaction
With regard to maintaining compliance with the law, state, and government agencies within Delaware can achieve compliance with legislation such as Del. Code tit. 29 § 9017C et seq. through the utilization of automatic redaction software. As state agencies within Delaware are responsible for protecting the personal information of the citizens they serve, redaction software can be used to ensure that such data does not fall into the hands of cybercriminals. What’s more, as these software programs also contain automatic functionality, state and government agencies can also save valuable time, effort, and resources that can instead be focused on providing consumers with other relevant services.
As state agencies around the U.S. will be charged with securing the personal information of the respective citizens they provide services to, ensuring that this information remains confidential and uncompromised must be a top priority. To this point, the provisions of Del. Code tit. 29 § 9017C et seq. require state agencies to adhere to a number of steps and protocols designed to keep the personal information of citizens safe from harm. In this way, residents within the state of Delaware can have the peace of mind that the personal information that they disclose to state and government agencies will be protected at the highest level.