Privacy Bill of Rights - United States Version of GDPR
The Privacy “Bill of Rights” to protect American consumers’ personal data has been introduced to Congress. Formally titled The Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act which would require the Federal Trade Commission (FTC) to establish privacy protections for customers of online edge providers like Facebook and Google. An "edge" provider is defined as "any individual or entity that provides any content, application, or service over the Internet, and any individual or entity that provides a device used for accessing any content, application, or service over the Internet."
This CONSENT Act draws from GDPR, particularly as it relates to customer data protection. The act mandates that the FTC require edge providers to:
- Obtain opt-in consent from users to use, share or sell users’ personal information.
- Develop reasonable data security practices.
- Notify users about all collection, use and sharing of users’ personal information.
- Notify users in the event of a breach.