Four Republican senators have introduced a privacy bill that would override state privacy laws, other than ones requiring notifications of data breaches.
“The Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act” (SAFE DATA Act), introduced by Sens. Roger Wicker (Mississippi), John Thune (South Dakota), Marsha Blackburn (Tennessee), and Deb Fischer (Nebraska), would also require companies to allow consumers to access, edit and delete data about them.
The proposed law would require companies to obtain consumers' affirmative consent before transferring their “sensitive” information -- which the bill defines as including financial account numbers, persistent identifiers, precise geolocation data, and data revealing people's race, ethnic origin, religion and sexual orientation.
The measure would also require companies to allow people to opt out of the collection, processing or transfer of any data that identifies or is “reasonably linkable” to an individual or device.
The bill's mandates would not apply to data that has been de-identified, providing that the companies promise to avoid re-identifying the information.
The digital rights group Public Knowledge criticized the proposed law, saying it “falls short of providing sufficient consumer protections, accountability for companies that violate the law, and enforcement of consumer privacy rights.”