Summary: The Internet Privacy Protection Act forbids Internet service providers (ISPs) from using or selling browsing histories, app usage data, geo-locations and other kinds of personal information without their users’ consent.
In October 2016, the Federal Communications Commission established rules to limit how Internet service providers (ISPs) like AT&T, Comcast and Verizon, can use a customer’s personal information. The rules divided customer data into two categories. For sensitive data, ISPs would need active permission from the customer before using: geographic location, children’s information, health information, financial information, Social Security numbers, web browsing history, app usage history, or the content of a customer’s communications. For less-sensitive personal data, ISP’s would need to allow customers to opt-out, including the customer’s name, address, IP address, current subscription level, or anything else. In March 2017, Congress and the President overturned those FCC rules by enacting S.J.Res.34.
A number of state legislatures are now stepping up to protect Internet consumers. The Minnesota Senate passed SF 1937, the Senate Judiciary Committee has approved Illinois SB 1502, and the Maryland Senate passed SB 1200.
SECTION 1. SHORT TITLE
This Act shall be called the “Internet Privacy Protection Act.”
SECTION 2. FINDINGS AND PURPOSE
(A) FINDINGS—The legislature finds that:
(B) PURPOSE—This law is enacted to protect the privacy rights of state residents.
SECTION 3. INTERNET PRIVACY
After section XXX, the following new section XXX shall be inserted:
(A) DEFINITIONS—In this section:
a. the consumer’s name, address, Social Security number, geographic location, or web browsing history;
b. the Internet protocol address associated with an electronic device that belongs to the consumer;
c. the content of the customer’s communications with anyone other than the Internet service provider; or
d. any information about the customer’s spouse, children, health, or finances.
(B) RESTRICTION ON INTERNET SERVICE PROVIDERS
SECTION 4. EFFECTIVE DATE
This law shall become effective on July 1, 20XX.