Page 2<\/em>]<\/p>\n1 SECTION 1. SHORT TITLE.<\/p>\n
2 This Act may be cited as the \u2018\u2018Balancing the Rights<\/p>\n
3 of Web Surfers Equally and Responsibly Act of 2017\u2019\u2019 or<\/p>\n
4 the \u2018\u2018BROWSER Act of 2017\u2019\u2019.<\/p>\n
5 SEC. 2. NOTICE OF PRIVACY POLICIES.<\/p>\n
6 (a) IN GENERAL.\u2014A provider of a covered service<\/p>\n
7 shall provide the users of the service with notice of the<\/p>\n
8 privacy policies of the provider with respect to the service.<\/p>\n
9 Such notice shall be clear and conspicuous.<\/p>\n
10 (b) AVAILABILITY TO PROSPECTIVE USERS.\u2014The<\/p>\n
11 notice required by subsection (a) shall be made available<\/p>\n
12 to prospective users\u2014<\/p>\n
13 (1) at the point of sale of, subscription to, or<\/p>\n
14 establishment of an account for the covered service,<\/p>\n
15 prior to such sale, subscription, or establishment,<\/p>\n
16 whether such point of sale, subscription, or estab-<\/p>\n
17 lishment is in person, online, over the telephone, or<\/p>\n
18 through another means; or<\/p>\n
19 (2) if there is no such sale, subscription, or es-<\/p>\n
20 tablishment, before the user uses the service.<\/p>\n
21 (c) PERSISTENT AVAILABILITY.\u2014The notice required<\/p>\n
22 by subsection (a) shall be made persistently available.<\/p>\n
23 (d) MATERIAL CHANGES.\u2014A provider of a covered<\/p>\n
24 service shall provide users with advance notice of any ma-<\/p>\n
25 terial change to the privacy policies of the provider. The<\/p>\n
<\/p>\n
[Page\u00a03<\/em>]<\/p>\n1 notice required by this subsection shall be clear and con-<\/p>\n
2 spicuous.<\/p>\n
3 SEC. 3. USER OPT-IN OR OPT-OUT APPROVAL RIGHTS<\/p>\n
4 BASED ON SENSITIVITY OF INFORMATION.<\/p>\n
5 (a) OPT-IN APPROVAL REQUIRED FOR SENSITIVE<\/p>\n
6 USER INFORMATION.\u2014Except as provided in subsection<\/p>\n
7 (c), a provider of a covered service shall obtain opt-in ap-<\/p>\n
8 proval from a user to use, disclose, or permit access to<\/p>\n
9 the sensitive user information of the user.<\/p>\n
10 (b) OPT-OUT APPROVAL REQUIRED FOR NON-SEN-<\/p>\n
11 SITIVE USER INFORMATION.\u2014Except as provided in sub-<\/p>\n
12 section (c)\u2014<\/p>\n
13 (1) a provider of a covered service shall obtain<\/p>\n
14 opt-out approval from a user to use, disclose, or per-<\/p>\n
15 mit access to any of the non-sensitive user informa-<\/p>\n
16 tion of the user; or<\/p>\n
17 (2) if the provider so chooses, the provider may<\/p>\n
18 comply with the requirement of paragraph (1) by ob-<\/p>\n
19 taining opt-in approval from the user to use, dis-<\/p>\n
20 close, or permit access to any such non-sensitive<\/p>\n
21 user information. 22 (c) LIMITATIONS AND EXCEPTIONS.\u2014A provider of<\/p>\n
23 a covered service may use, disclose, or permit access to<\/p>\n
24 user information without user approval for the following<\/p>\n
25 purposes:<\/p>\n
<\/p>\n
[Page 4<\/em>]<\/p>\n1 (1) In providing the covered service from which<\/p>\n
2 such information is derived, or in providing services<\/p>\n
3 necessary to, or used in, the provision of such serv-<\/p>\n
4 ice.<\/p>\n
5 (2) To initiate, render, bill, and collect for the<\/p>\n
6 covered service.<\/p>\n
7 (3) To protect the rights or property of the pro-<\/p>\n
8 vider, or to protect users of the covered service and<\/p>\n
9 other service providers from fraudulent, abusive, or<\/p>\n
10 unlawful use of the service.<\/p>\n
11 (4) To provide location information or non-sen-<\/p>\n
12 sitive user information\u2014<\/p>\n
13 (A) to a public safety answering point,<\/p>\n
14 emergency medical service provider or emer-<\/p>\n
15 gency dispatch provider, public safety, fire serv-<\/p>\n
16 ice, or law enforcement official, or hospital<\/p>\n
17 emergency or trauma care facility, in order to<\/p>\n
18 respond to the request of the user for emer-<\/p>\n
19 gency services;<\/p>\n
20 (B) to inform the legal guardian of the<\/p>\n
21 user, or members of the immediate family of<\/p>\n
22 the user, of the location of the user in an emer-<\/p>\n
23 gency situation that involves the risk of death<\/p>\n
24 or serious physical harm; or<\/p>\n
<\/p>\n
[Page 5]<\/em><\/p>\n1 (C) to providers of information or database<\/p>\n
2 management services solely for purposes of as-<\/p>\n
3 sisting in the delivery of emergency services in<\/p>\n
4 response to an emergency.<\/p>\n
5 (5) As otherwise required or authorized by law.<\/p>\n
6 (d) MECHANISM FOR EXERCISING USER AP-<\/p>\n
7 PROVAL.\u2014<\/p>\n
8 (1) IN GENERAL.\u2014A provider of a covered serv-<\/p>\n
9 ice shall make available a simple, easy-to-use mecha-<\/p>\n
10 nism for users to grant, deny, or withdraw opt-in<\/p>\n
11 approval or opt-out approval at any time.<\/p>\n
12 (2) FORM AND MANNER.\u2014The mechanism re-<\/p>\n
13 quired by paragraph (1) shall be\u2014<\/p>\n
14 (A) clear and conspicuous; and<\/p>\n
15 (B) made available\u2014<\/p>\n
16 (i) at no additional cost to the user;<\/p>\n
17 and<\/p>\n
18 (ii) in a language other than English,<\/p>\n
19 if the provider transacts business with the<\/p>\n
20 user in such other language.<\/p>\n
21 (3) EFFECT.\u2014The grant, denial, or withdrawal<\/p>\n
22 of opt-in approval or opt-out approval by a user<\/p>\n
23 shall\u2014<\/p>\n
24 (A) be given effect promptly; and<\/p>\n
<\/p>\n
[Page 6]<\/em><\/p>\n1 (B) remain in effect until the user revokes<\/p>\n
2 or limits such grant, denial, or withdrawal of<\/p>\n
3 approval.<\/p>\n
4 SEC. 4. SERVICE OFFERS CONDITIONED ON WAIVERS OF<\/p>\n
5 PRIVACY RIGHTS.<\/p>\n
6 A provider of a covered service may not\u2014<\/p>\n
7 (1) condition, or effectively condition, provision<\/p>\n
8 of such service on agreement by a user to waive pri-<\/p>\n
9 vacy rights guaranteed by law or regulation, includ-<\/p>\n
10 ing this Act; or<\/p>\n
11 (2) terminate such service or otherwise refuse<\/p>\n
12 to provide such service as a direct or indirect con-<\/p>\n
13 sequence of the refusal of a user to waive any such<\/p>\n
14 privacy rights.<\/p>\n
15 SEC. 5. ENFORCEMENT BY FEDERAL TRADE COMMISSION.<\/p>\n
16 (a) GENERAL APPLICATION.\u2014The requirements of<\/p>\n
17 this Act apply, according to their terms, to\u2014<\/p>\n
18 (1) those persons, partnerships, and corpora-<\/p>\n
19 tions over which the Commission has authority pur-<\/p>\n
20 suant to section 5(a)(2) of the Federal Trade Com-<\/p>\n
21 mission Act (15 U.S.C. 45(a)(2)); and<\/p>\n
22 (2) providers of broadband internet access serv-<\/p>\n
23 ice, notwithstanding the exception in such section for<\/p>\n
24 common carriers subject to the Communications Act<\/p>\n
25 of 1934 (47 U.S.C. 151 et seq.).<\/p>\n
<\/p>\n
[Page 7]<\/em><\/p>\n1 (b) UNFAIR OR DECEPTIVE ACTS OR PRACTICES.\u2014<\/p>\n
2 A violation of this Act shall be treated as an unfair or<\/p>\n
3 deceptive act or practice in or affecting commerce for pur-<\/p>\n
4 poses of section 5(a)(2) of the Federal Trade Commission<\/p>\n
5 Act (15 U.S.C. 45(a)(2)).<\/p>\n
6 (c) POWERS OF COMMISSION.\u2014Except as provided in<\/p>\n
7 subsection (a)(2) of this section\u2014<\/p>\n
8 (1) the Commission shall enforce this Act in the<\/p>\n
9 same manner, by the same means, and with the<\/p>\n
10 same jurisdiction, powers, and duties as though all<\/p>\n
11 applicable terms and provisions of the Federal Trade<\/p>\n
12 Commission Act (15 U.S.C. 41 et seq.) were incor-<\/p>\n
13 porated into and made a part of this Act; and<\/p>\n
14 (2) any person who violates this Act shall be<\/p>\n
15 subject to the penalties and entitled to the privileges<\/p>\n
16 and immunities provided in the Federal Trade Com-<\/p>\n
17 mission Act.<\/p>\n
18 SEC. 6. DEFINITIONS.<\/p>\n
19 In this Act:<\/p>\n
20 (1) BROADBAND INTERNET ACCESS SERVICE.\u2014<\/p>\n
21 (A) IN GENERAL.\u2014The term \u2018\u2018broadband<\/p>\n
22 internet access service\u2019\u2019 means a mass-market<\/p>\n
23 retail service by wire or radio that provides the<\/p>\n
24 capability to transmit data to and receive data<\/p>\n
25 from all or substantially all internet endpoints,<\/p>\n
<\/p>\n
[Page 8]<\/em><\/p>\n1 including any capabilities that are incidental to<\/p>\n
2 and enable the operation of the communications<\/p>\n
3 service, but excluding dial-up internet access<\/p>\n
4 service.<\/p>\n
5 (B) FUNCTIONAL EQUIVALENT; EVA-<\/p>\n
6 SION.\u2014Such term also includes any service<\/p>\n
7 that\u2014<\/p>\n
8 (i) the Commission finds to be pro-<\/p>\n
9 viding a functional equivalent of the service<\/p>\n
10 described in subparagraph (A); or<\/p>\n
11 (ii) is used to evade the protections<\/p>\n
12 set forth in this Act.<\/p>\n
13 (2) COMMISSION.\u2014The term \u2018\u2018Commission\u2019\u2019<\/p>\n
14 means the Federal Trade Commission.<\/p>\n
15 (3) COVERED SERVICE.\u2014The term \u2018\u2018covered<\/p>\n
16 service\u2019\u2019 means\u2014<\/p>\n
17 (A) broadband internet access service; or<\/p>\n
18 (B) an edge service.<\/p>\n
19 (4) EDGE SERVICE.\u2014The term \u2018\u2018edge serv-<\/p>\n
20 ice\u2019\u2019\u2014<\/p>\n
21 (A) means a service provided over the<\/p>\n
22 internet\u2014<\/p>\n
23 (i) for which the provider requires the<\/p>\n
24 user to subscribe or establish an account in<\/p>\n
25 order to use the service;<\/p>\n
<\/p>\n
[Page 9]<\/em><\/p>\n1 (ii) that the user purchases from the<\/p>\n
2 provider of the service without a subscrip-<\/p>\n
3 tion or account;<\/p>\n
4 (iii) by which a program searches for<\/p>\n
5 and identifies items in a database that cor-<\/p>\n
6 respond to keywords or characters speci-<\/p>\n
7 fied by the user, used especially for finding<\/p>\n
8 particular sites on the World Wide Web; or<\/p>\n
9 (iv) by which the user divulges sen-<\/p>\n
10 sitive user information; and<\/p>\n
11 (B) includes a service described in sub-<\/p>\n
12 paragraph (A) that is provided through a soft-<\/p>\n
13 ware program, including a mobile application.<\/p>\n
14 (5) EMERGENCY SERVICES.\u2014The term \u2018\u2018emer-<\/p>\n
15 gency services\u2019\u2019 has the meaning given such term in<\/p>\n
16 section 222 of the Communications Act of 1934 (47<\/p>\n
17 U.S.C. 222).<\/p>\n
18 (6) MATERIAL.\u2014The term \u2018\u2018material\u2019\u2019 means,<\/p>\n
19 with respect to a change in a privacy policy of a pro-<\/p>\n
20 vider of a covered service, any change in such policy<\/p>\n
21 that a user of the service, acting reasonably under<\/p>\n
22 the circumstances, would consider important to the<\/p>\n
23 decisions of the user regarding the privacy of the<\/p>\n
24 user, including any change to information required<\/p>\n
25 to be included in a privacy notice under section 2.<\/p>\n
<\/p>\n
[Page\u00a010<\/em>]<\/p>\n1 (7) MOBILE APPLICATION.\u2014The term \u2018\u2018mobile<\/p>\n
2 application\u2019\u2019 means a software program that runs on<\/p>\n
3 the operating system of a mobile device.<\/p>\n
4 (8) NON-SENSITIVE USER INFORMATION.\u2014The<\/p>\n
5 term \u2018\u2018non-sensitive user information\u2019\u2019 means any<\/p>\n
6 user information that is not sensitive user informa-<\/p>\n
7 tion.<\/p>\n
8 (9) OPT-IN APPROVAL.\u2014The term \u2018\u2018opt-in ap-<\/p>\n
9 proval\u2019\u2019 means a method for obtaining from a user<\/p>\n
10 of a covered service consent to use, disclose, or per-<\/p>\n
11 mit access to sensitive user information under which<\/p>\n
12 the provider of the service obtains express consent<\/p>\n
13 allowing the requested usage, disclosure, or access to<\/p>\n
14 the sensitive user information.<\/p>\n
15 (10) OPT-OUT APPROVAL.\u2014The term \u2018\u2018opt-out<\/p>\n
16 approval\u2019\u2019 means a method for obtaining from a user<\/p>\n
17 of a covered service consent to use, disclose, or per-<\/p>\n
18 mit access to non-sensitive user information under<\/p>\n
19 which the user is deemed to have consented to the<\/p>\n
20 use, disclosure, or access to the non-sensitive user<\/p>\n
21 information if the user has failed to object to such<\/p>\n
22 use, disclosure, or access.<\/p>\n
23 (11) PUBLIC SAFETY ANSWERING POINT.\u2014The<\/p>\n
24 term \u2018\u2018public safety answering point\u2019\u2019 has the mean<\/p>\n
<\/p>\n
[Page\u00a011<\/em>]<\/p>\n1 ing given such term in section 222 of the Commu-<\/p>\n
2 nications Act of 1934 (47 U.S.C. 222).<\/p>\n
3 (12) SENSITIVE USER INFORMATION.\u2014The<\/p>\n
4 term \u2018\u2018sensitive user information\u2019\u2019 includes any of<\/p>\n
5 the following:<\/p>\n
6 (A) Financial information.<\/p>\n
7 (B) Health information.<\/p>\n
8 (C) Information pertaining to children<\/p>\n
9 under the age of 13.<\/p>\n
10 (D) Social Security number.<\/p>\n
11 (E) Precise geo-location information.<\/p>\n
12 (F) Content of communications.<\/p>\n
13 (G) Web browsing history, history of usage<\/p>\n
14 of a software program (including a mobile ap-<\/p>\n
15 plication), and the functional equivalents of ei-<\/p>\n
16 ther.<\/p>\n
17 (13) STATE.\u2014The term \u2018\u2018State\u2019\u2019 means each of<\/p>\n
18 the several States, the District of Columbia, the<\/p>\n
19 Commonwealth of Puerto Rico, Guam, American<\/p>\n
20 Samoa, the Virgin Islands of the United States, the<\/p>\n
21 Commonwealth of the Northern Mariana Islands,<\/p>\n
22 any other territory or possession of the United<\/p>\n
23 States, and each federally recognized Indian Tribe.<\/p>\n
24 (14) USER.\u2014The term \u2018\u2018user\u2019\u2019 means, with re-<\/p>\n
25 spect to a covered service, a person who\u2014<\/p>\n
<\/p>\n
[Page 12<\/em>]<\/p>\n1 (A) is a current or former\u2014<\/p>\n
2 (i) subscriber to such service; or<\/p>\n
3 (ii) holder of an account for such serv-<\/p>\n
4 ice;<\/p>\n
5 (B) purchases such service without a sub-<\/p>\n
6 scription or account;<\/p>\n
7 (C) is an applicant for such service; or<\/p>\n
8 (D) in the case of a service described in<\/p>\n
9 clause (iii) or (iv) of paragraph (4)(A), uses the<\/p>\n
10 service.<\/p>\n
11 (15) USER INFORMATION.\u2014The term \u2018\u2018user in-<\/p>\n
12 formation\u2019\u2019 means any information that\u2014<\/p>\n
13 (A) a provider of a covered service acquires<\/p>\n
14 in connection with the provision of such service;<\/p>\n
15 and<\/p>\n
16 (B) is linked or reasonably linkable to an<\/p>\n
17 individual.<\/p>\n
18 SEC. 7. RELATIONSHIP TO OTHER LAW.<\/p>\n
19 (a) PREEMPTION OF STATE LAW.\u2014No State or polit-<\/p>\n
20 ical subdivision of a State shall, with respect to a provider<\/p>\n
21 of a covered service subject to this Act, adopt, maintain,<\/p>\n
22 enforce, or impose or continue in effect any law, rule, reg-<\/p>\n
23 ulation, duty, requirement, standard, or other provision<\/p>\n
24 having the force and effect of law relating to or with re-<\/p>\n
25 spect to the privacy of user information.<\/p>\n
<\/p>\n
[Page 13<\/em>]<\/p>\n1 (b) OTHER FEDERAL LAW.\u2014<\/p>\n
2 (1) IN GENERAL.\u2014Except as provided in para-<\/p>\n
3 graph (2), nothing in this Act shall be construed to<\/p>\n
4 supercede any other Federal statute or regulation<\/p>\n
5 relating to information privacy.<\/p>\n
6 (2) COMMUNICATIONS ACT OF 1934.\u2014Insofar as<\/p>\n
7 any provision of the Communications Act of 1934<\/p>\n
8 (47 U.S.C. 151 et seq.) or any regulations promul-<\/p>\n
9 gated under such Act apply to any person, partner-<\/p>\n
10 ship, or corporation subject to this Act with respect<\/p>\n
11 to privacy policies, terms of service, and practices<\/p>\n
12 covered by this Act, such provision of the Commu-<\/p>\n
13 nications Act of 1934 or such regulations shall have<\/p>\n
14 no force or effect, unless such regulations pertain to<\/p>\n
15 emergency services.<\/p>\n","protected":false},"featured_media":0,"template":"","content_type":[795],"area-of-focus":[78],"_links":{"self":[{"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/insight\/80192"}],"collection":[{"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/insight"}],"about":[{"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/types\/insight"}],"version-history":[{"count":0,"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/insight\/80192\/revisions"}],"wp:attachment":[{"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/media?parent=80192"}],"wp:term":[{"taxonomy":"content_type","embeddable":true,"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/content_type?post=80192"},{"taxonomy":"area-of-focus","embeddable":true,"href":"https:\/\/cdt.org\/wp-json\/wp\/v2\/area-of-focus?post=80192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/cdt.org\/wp\/..\/files\/2017\/06\/genius-web-annotator.png\")
<\/p>\n