Potential State Legislation Affected
In 2020 many states had legislation to push forward to initiate privacy laws for their state residents. Many states were attempting to follow the leadership of California, which passed comprehensive privacy legislation last year. The California Consumer Privacy Act or CCPA closely monitors the privacy rights of California residents and protects them with severe legal penalties for companies that violate their policies. However, these same states have this legislation meant to protect its residents on hold due to other needs being pushed to the forefront, namely the pandemic.
A total of fifteen states had stepped forward, with bills closely aligned to the one passed in California. More than half of these states have failed to make significant progress in protecting their constituents due to the necessity of addressing concerns with the coronavirus. While Federal legislation has been put through Congress, the Senate fails to hear or vote on any bills under the current administration.
Are Some States on Hold?
Yes, some states are on hold with privacy legislation. Some have outright failed to move forward. Many states pushed off legislation to handle passing other rulings necessary to attempt to control the COVID19 outbreaks within their state boundaries, then finding it time to adjourn before putting the current privacy bills on the table. There is still time to get these laws passed; it may take some prodding by their constituents to make it a priority. Here is a list of the fifteen states and their current status on privacy legislation. If your state is listed as failing to move forward, or not included in the list at all, standing up for your rights to privacy can mean making necessary calls to your representatives.
- Arizona HB2729 Short title: personal data; processing; security standards. Predicted to fail, thus shortchanging constituents of necessary privacy protections.
- Connecticut SB134 An Act Concerning Consumer Privacy. This legislation has failed and did not have the opportunity to continue due to the adjournment of legislative sessions. Constituents compromised.
- Florida HB963 – SB1670 HB963 Is an act relating to consumer data privacy, yet to be titled. Consumers in Florida will continue to have their privacy violated without protections. This act is currently failing, and legislative sessions have been adjourned. SB1670 is also an act relating to consumer privacy, yet titled. As legislative sessions have been discontinued without the work done to protect Florida residents, constituents should call their representatives to push for further protective measures.
- Hawaii HB2572 – SB418 – SB2451 HB2572 Relating to Privacy. Prohibits the sale of geological information. SB418 Requires companies to notify consumers of what specific data is collected and allow for opt-out in the sale of their personal data. SB2451 takes 418 a step further, requiring third parties who have purchased data on consumers from reselling or using data without similar notices and opt-outs. Hawaii is failing to push these through, thus not protecting constituents and consumers from blatant privacy violations. If concerned, please contact your representatives.
- Illinois SB2330 Data Transparency and Privacy Act. Establishes a "right to know" for consumers regarding the use of personal data. Includes protections and opt-outs, still in consideration.
- Maryland SB957 – HB784 SB957 Maryland Online Consumer Protection Act. Protects consumer information from being misused, consent, and opt-out. HB784 Adds requirements to Maryland Cybersecurity Council. Maryland has failed its residents, choosing to not rule on matter but to adjourn sessions.
- Nebraska LB746 A bill to enact the Nebraska Consumer Data Privacy Act. Similar to the California Consumer Privacy Act. Failed.
- New Hampshire HB1680 "AN ACT relative to the collection of personal information by businesses." Bill grants residents the right to "request" what data that businesses collect about them, how it will be used, and then to opt-out if they choose. This bill has no teeth to it. The responsibility is placed on the consumer to put forth the request, still in consideration.
- New Jersey SB269 Requires businesses to notify consumers of data collected, gives protections. It also requires specific security standards on data. Still a possibility, it is up for review.
- New York AB8526 – SB5642 AB8526 The New York Privacy Act. This is similar to California's CCPA. Defines consumer rights, transparency, liability, and enforcement. It may pass. SB5642 – Similar in scope to AB8526, may also pass.
- Rhode Island HB7778 The Rhode Island Transparency and Privacy Protection Act. It provides transparency to consumers regarding what data is collected and how it will be used. Allows for opt-in/opt-out requirements. Is likely to pass.
- South Carolina HB4812 The South Carolina Biometric Data Privacy Act. This legislation gives control to consumers over their biometric data, including opt-outs and deletions, still in consideration.
- Virginia H473 Relating to the management and oversight of personal consumer data. Defines 'fraud', protections, and enforcement. Virginia has let down its residents. They are adjourning sessions before passing.
- Washington SB6281 Known as the Washington Privacy Act. Well-written, modeled after CCPA. Had additional protections. All eyes of the world were on this excellent bill. Washington leaders failed, by adjourning sessions before passing.
- Wisconsin AB870 – AB871 – AB872 Three separate bills put forth to protect the residents of Wisconsin. Anyone of the three bills would have helped maintain privacy for residents. Wisconsin dropped the ball on this one. Fail.
California Attempts to March Forward
In January 2020, California's new law, the California Consumer Privacy Act (CCPA), came into effect. This law was intended to protect the privacy and security of personal data of all California residents. It was modeled after the European privacy law the General Data Protection Regulation (GDPR).
Regardless of the current pandemic situation, California is pushing forward with its passed legislation and fully intends to protect the privacy and personal data of its residents. On July 1, companies who choose not to comply will indeed start to face hefty fines. Any organization that decides to ignore the law or breach the personal data of California's residents will find that the State Attorney General will march forward with impactful penalties.
Many companies had hoped that California would push back on the date that compliance would come into effect. Several large enterprises requested an extension of time to prepare for this new deadline. Regardless of their request, the California Attorney General is sticking to his guns, and the deadline remains.
Confused Americans Demand Digital Privacy
Americans have felt the squeeze of corporations and government wanting to reach into their daily lives and invade their privacy further during the pandemic. Confused, Americans want to comply with gaining control over the virus, but they don't want to give up their data. It is quite the opposite. Americans are continuing to demand digital privacy. Some are split on how to use data to track or eliminate the virus; however, many are concerned about the long-term implications.
Before the outbreak, according to a survey done in June 2019 by Pew Research, more than 70% of Americans had many concerns that their private personal data was less secure than ever before. It went even further in that Americans did not trust the government or other corporations on how they used the data they collected about them. Nearly eight in ten adults had these concerns.
Today, with a severe pandemic, the numbers have only changed slightly in that American adults do want to cooperate in the control and end of the virus. However, even with these serious concerns, Americans are split nearly 50/50 on allowing the government to track their cell phones. Some find this unacceptable. Some Americans understand that once you will enable a government to take away a right, like privacy, getting it back may never happen again.
Surveillance State on the Rise
As the coronavirus has swept over the world, one thing has been guaranteed for nearly every country and every citizen, loss of privacy. For public health reasons, there will be a future with less data privacy, not more.
Though many countries have been working towards privacy legislation to protect citizens' data, as the virus took hold and taken lives, they see how some countries have been able to gain control. This control came at the cost of surveillance of all citizens through apps loaded onto their cell phones. China and several other Asian countries are using 'track and trace' methods to control and monitor the outbreaks.
As Americans, freedom, and privacy are essential. Allowing this type of personal invasion can be complicated. With the pandemic, worldwide loosening of data protection laws are likely to come across America. In at least 27 countries, there have been changes brought on by the pandemic in data privacy legislation. These laws are loosened for health officials to track and monitor patients; they are attempting to gain control of the virus. The Global Privacy Assembly (GPA), which is a worldwide group of 130 data protection authorities, has declared a commitment to making sure that the collection of this personal data is not abused.
According to the GPA'S Executive Committee released a brief statement regarding the collection of data worldwide. "We are confident that data protection requirements will not stop the critical sharing of information to support efforts to tackle this global pandemic. The universal data protection principles in all our laws will enable the use of data in the public interest and still provide the protections the public expects."
It will be up to Americans to continue to press forward by calling their representatives and expressing their concerns about the protection of their personal data. Controlling the pandemic will save lives. In doing so, how much of your privacy are you willing to give up. When this virus is finally eradicated if confidentiality has already been released in certain areas, how hard will Americans find it to gain their privacy and security again?