What he did not discuss was the Financial Regulatory Reform Bill currently slated to be voted on by the Senate shortly which grants the FTC the authority and power to impose those regulations on the entire industry. What was also not discussed is the current draft of a new privacy bill which is intended to regulate data collection both online and offline conduct.
What is important about the privacy bill is that it sets out new, very detailed, notice and consent requirements for online and offline data collection. The bill regulates “covered entities” which are those entities that collect “covered information.” “Covered information” includes First name or initial and last name; Postal address; Telephone or fax number; Email address; Unique biometric data; SSN Tax ID, or any other government-issued identification number; Financial account numbers; Any unique persistent identifier, such as a customer number, unique pseudonym or user alias, Internet Protocol address, or other unique identifier, where such identifier is used to collect, store, or identify information about a specific individual or a computer, device, or software application owned or used by a particular user or that is otherwise associated with a particular user which is data such as customer identifications, IP addresses, anonymous profiles, and cookie IDs.
The required notice must contain fifteen distinct provisions, several of which are not common in current privacy policies, including: 1) how information is stored; 2) the length of time the information is retained; 3) how the information is disposed of after the retention period; 4) provides a choice and means for individuals to limit or prohibit the collection and disclosure of covered information; 5) the manner and means in which an individual may access the information that has been collected; and 6) a hyperlink to or a listing of the FTC’s online consumer complaint form or the toll-free telephone number for the FTC’s Commission’s Consumer Response Center.
This bill dramatically changes both data collection procedures as well as your website polices – keep a close eye on its progress.