The White House published a draft of the Consumer Privacy Bill of Rights Act three years in the making late February, but not all privacy advocacy groups are satisfied.
In a letter to President Obama, representatives from U.S. privacy and technology groups Center for Democracy and Technology, Consumer Watchdog, Electronic Frontier Foundation, Public Knowledge and others expressed concern that the draft bill doesn’t go far enough to protect consumers.
The groups criticized the draft bill for not adequately defining “what constitutes sensitive information,” not being clear about whether it protects large categories of information like geolocation data, allowing companies to retain user data indefinitely for criminal investigations without placing clear limits on data retention for that purpose, and not offering heightened protection for information about children and teens.
In addition, the organizations take issue with being left out of consultations.
"It's not every day that almost all of the nation's consumer privacy groups come together to speak with a single, unified voice,” said Alvaro Bedoya, executive director at the Center on Privacy and Technology at Georgetown Law, in reference to the letter. "This administration and leaders in Congress should listen.
The letter calls for the Obama administration to work with the privacy groups to craft a bill that “creates strong, meaningful protections for consumers.”
The Consumer Privacy Bill of Rights Act is intended to fill gaps not covered by existing legislation like the Fair Credit Reporting Act and the Video Privacy Protection Act, particularly in the data-driven digital age in which companies are collecting and using more and more consumer information.
“It applies common-sense protections to personal data collected online or offline, regardless of how data is shared,” the Obama administration said in a statement on Friday. It also "promotes responsible practices that can maximize the benefits of data analysis while taking important steps to minimize risks.”