March 2017: In a nail bitter 215-205 vote, the U.S. Congress spiked a set of incoming FCC online privacy rules. The decision frenzied privacy advocates and several state legislatures took notice — including Nevada, whose Senate just passed a bill to replace the defunct federal statute.

Sponsored by Nevada Senate Majority Leader Aaron Ford, S.B. 538 is a close cousin of the FCC’s Online Privacy Rule. Under the proposed law, “Internet providers” must disclose to users what information is collected and shared about them. Ford explained: “It’s important that Nevada’s privacy laws reflect that we are all conducting more of our lives online.”

In addition to user data disclosure standards, Senate Bill 538 also requires Internet providers to “publish information on any third-party contractors who may be stockpiling user data.” (Loose Prediction: The “my brothers’ keeper” nature of this clause may spawn some messy situations.)

The Nevada Senate passed 538 unanimously, so it’s traveling the express lane to ratification.

Federal Online Privacy Laws

Believe it or not, the United States still doesn’t have an all-encompassing, nationwide law governing digital privacy. However, several different statutes address digital privacy concerns related to children, finances, and health.

The Children’s Online Privacy Protection Act: In the United States, without permission from parents or guardians it’s against the law to collect or store information about people aged 12 and under. [Read More Button]

The Gramm-Leach-Bliley Act: Also known as the Financial Modernization Act, this law outlines privacy collection and storage standards for digital financial information. [Read More Button]

Health Insurance Portability and Accountability Act: Passed in 1996 and since updated, the HIPPA privacy rule “establishes national standards to protect individuals’ medical records and other personal health information.” [Read More Button]

In addition to the handful of federal measures, California is also home to a host of online privacy laws. And yes, if your website is accessible to people in California, then you’re most likely beholden to the Golden State’s statutes — even if you’re based elsewhere. Plus, more states have recently passed various online privacy bills that will likely go into effect in the coming months.

 Speak With An Online Privacy Law Attorney

Are you grappling with an online privacy legal issue? Our team of experienced attorneys, programmers, and online marketers can help. To learn more about our firm, we invite you to begin at the “About Us” section of our website. If you need to speak with someone, ASAP — by all means, get in touch!

Some Legislators Didn’t Like The FCC’s Online Privacy Rules

You may be thinking: Why don’t legislators want an online privacy law? It seems like a relatively innocuous topic that everyone can agree on; who doesn’t want to retain a level of digital privacy? These are fair questions — on which most private citizens concur. Large online companies (who make enormous campaign contributions), on the other hand, see things a bit differently. After all, these companies must profit somehow. (Do you pay for your personal Facebook account?) Many online companies keep the lights on and ports open by selling a) advertising and b) user data. In other — perhaps blunter — words: A lot of online companies make payroll by selling user data to advertisers.

So, why don’t online businesses want a universal online privacy measure? You guessed it: money. Retrofitting an operation to new regulations will cost considerable money and resources.

But there’s another reason why the FCC’s online privacy rules weren’t popular: they were, arguably, unfair. Under the now defunct regulations, Internet Service Providers — like Comcast and Time Warner — would’ve been subject to the law, but giant online companies — like Facebook, Google, and Amazon — would’ve fallen into the “edge services” category and exempt from the rules.

Under Blackburn’s draft legislation, so-called “edge services” would be subject to the same rules as Internet Service Providers.

Online Business Lobbyists Oppose Latest Online Privacy Law Proposal

As you can probably imagine, lobbyists and trade associations working on behalf of ISPs and online businesses are aggressively pushing back against the latest attempt at an online privacy law. Their arguments: 1) Blackburn’s proposal could “upend the consumer experience online and stifle innovation,” and 2) Websites and apps are already under the purview of “strict” Federal Trade Commission “privacy enforcement.”

Connect With An Online Privacy Law Attorney

Are you dealing with an online privacy legal issue? If so, we can help. As pioneers in the field of Internet law, Kelly / Warner has handled numerous digital security situations and consultations. Whether it’s a one-off matter, or you need an attorney to act as a privacy officer, we have solutions. Get in touch today to begin the conversation.

International Safe Harbor Certification Program

First things first: what, exactly, is a “Safe Harbor” provision?

In 1995, the European Union (“E.U.”) ratified rules regarding the digital transfer of personal information. In 2006 – in conjunction with the U.S. Department of Commerce – the E.U. created the Safe Harbor Framework, which allows U.S. businesses to demonstrate compliance with European standards.

U.S. and Swiss officials also rolled-out a separate, but near identical, program around the same time.

The Safe Harbor Frameworks are self-certification processes, but participants are required to comply with associated paperwork to maintain official compliance recognition.

TRUSTe Program

True Ultimate Standards Everywhere Inc. (a.k.a., TRUSTe) is a private firm that offers security certifications. Primarily, businesses that want to demonstrate a commitment to international data laws use the company’s services. Businesses can apply for universally recognized TRUSTe licenses. Like the Safe Harbor Frameworks, license renewal is required every few years.

Two Companies Busted For Not Renewing Safe Harbor and TRUSTe Commitments

TES Franchising LLC (“TES”) and American International Mailing Inc (“AIM”) both self-certified under the U.S.-E.U. and U.S.-Swiss Safe Harbor Frameworks. The former first completed the process in 2011, the latter in 2006. TES also held a TRUSTe license.

Both companies, however, failed to renew the required paperwork – and the FTC found out. As a result, the commission saddled both TES and AIM with 20-years of FTC-sanctioned, time-consuming bookkeeping — the non-completion of which could trigger a legally enforceable fine.

Even If You Don’t Change Your Website or Procedures, Safe Harbor Renewal Is Mandatory

TES and AIM didn’t violate any Safe Harbor certification standards, they simply forgot to renew on-time. So, despite neither company committing a security abuse, not fulfilling the proper paperwork put them on regulators’ radars.

The Takeaway: If you want to keep officials off your back, make sure you’re up-to-date with the latest international, national, and regional Internet laws — especially Safe Harbor certification paperwork.

For Maximum Profit, Enlist an Experienced Internet Law Attorney

Kelly / Warner attorneys are masters of Internet law. Pioneers in the field, we’re recognized as a leading tech law firm. Kelly / Warner consistently delivers better-than-big-firm results, for a fraction of the price.

Contact Kelly / Warner today to get started on your safe harbor certification or other Internet law issue.

Source