Data Privacy and Protection Bills Would Probably Not Protect Personal Information About Reproductive Services (Free Preview)
In today's free preview of yesterday's post, we are sharing the same Other Developments, Further Reading, and Coming Events that went to subscribers last night.
Subscribe today to get this content along with the entire title article.
The two data privacy and protection bills in play in Congress would not stop states from obtaining personal information on reproductive services.
The “American Data Privacy and Protection Act” (ADPPA) (H.R. 8152) and the “Consumer Online Privacy Rights Act“ (COPRA) (S.3195) would provide protection for health information above and beyond what many other types of personal information would receive. However, exceptions in both bills would permit covered entities to heed state laws requiring the production of personal information, and this would almost certainly include personal information related to reproductive services. How this factors into negotiations about a U.S. data privacy and protection bill is not immediately clear, but Members and staff on the Democratic side are keen to protect data regarding reproductive services.
Understandably, in response to the overturning of Roe v. Wade, Democratic lawmakers and staff in Congress have started viewing negotiations over a United States (U.S.) data privacy and protection bill through the perspective of how personal data relating to reproductive services would be protected. According to The Washington Post, a memorandum circulated by Senate Democratic staff asserted that ADPPA “makes it harder for women to seek redress when their sensitive health data has been used against them” and would force women to “jump through arbitrary, drawn-out hoops” to sue over privacy violations.” Other than a say nothing quote from Senate Commerce, Science, and Transportation Committee Ranking Member Roger Wicker (R-MS), there was no indication of what Republicans think of this issue. However, it is not a stretch to imagine most Republicans content with circumstances that would allow states to press companies for personal information proving that women have broken new anti-abortion laws. Undoubtedly Republicans will publicly and privately assert they want to keep abortion and data privacy as separate issues no matter how much Democrats try to link the two issues.
Aside and apart from what stakeholders are saying or thinking, what does the most recent text of the ADPPA say? Moreover, what does the most recent public draft of Senate Commerce, Science, and Transportation Committee Chair Maria Cantwell’s (D-WA) bill, COPRA, say?
Taking ADPPA first, most personal information related to reproductive services would be “sensitive covered data.” This terms covers many categories of personal information, but it notably includes: “[a]ny information that describes or reveals the past, present, or future physical health, mental health, disability, diagnosis, or healthcare condition or treatment of an individual.” This would seem to encompass almost every component of seeking and obtaining reproductive services. But, in the event it does not, there are other categories of sensitive covered data that would. For example, “Biometric information, “Genetic information,” and “Precise geolocation information” would cover personal information that does not fall into what might be called the “health information” sub-category. However, under ADPPA, precise geolocation information pertains to information indicating a person’s location within 1000 feet or less. Hence, everything outside that range is merely covered data, which is not subject to the same level of protection. Moreover, this term “does not mean geolocation information identifiable solely from the visual content of an image.” And so, a person’s photos, especially those on social medias that are not locked, could be used for purposes of geolocation.
Subscribe to read the rest of this analysis.
The United States (U.S.) Federal Trade Commission (FTC) announced in a blog post attributed to the acting head of the Division of Privacy & Identity Protection that the agency “is committed to using the full scope of its legal authorities to protect consumers’ privacy” and “will vigorously enforce the law if we uncover illegal conduct that exploits Americans’ location, health, or other sensitive data.”
The United Kingdom’s The Information Commissioner’s Office (ICO) “called for a government review into the systemic risks and areas for improvement around the use of private correspondence channels – including private email, WhatsApp and other similar messaging apps” on the basis of its report “Behind the screens - maintaining government transparency and data security in the age of messaging apps.”
The United States (U.S.) Circuit Court of Appeals for the District of Columbia ruled that the U.S. Federal Communications Commission’s (FCC) “order mandating that radio broadcasters check two federal sources to verify a sponsor’s identity” overstepped the agency’s authority.
The European Data Protection Supervisor (EDPS) saidin in an opinion that he “fully supports the goals of the proposed amendments to the financial rules on the general budget of the European Union, but strongly recommends specifying the types of personal data to be processed, from where this data is sourced, as well as the means and duration of the processing.”
The United Kingdom’s (UK) Department for Digital, Culture, Media & Sport (DCMS) revised and updated its call for views on “Data storage and processing infrastructure security and resilience.”
The Democratic leadership of the United States (U.S.) House Oversight and Reform Committee “sent letters to five data broker companies and five personal health application companies requesting information and documents regarding the collection and sale of personal reproductive health data” as part of its “Probe of Reproductive Health Data Privacy.”
The European Commission announced that the new Vehicle General Safety Regulation is now applicable and “introduces a range of mandatory advanced driver assistant systems to improve road safety and establishes the legal framework for the approval of automated and fully driverless vehicles in the EU.”
United States (U.S.) Senators Amy Klobuchar (D-MN) and Elizabeth Warren (D-MA) “called on Facebook and Instagram to address the platforms’ reported censorship of posts related to abortion services, following the Supreme Court’s overturning of Roe v. Wade last month” according to their public statement.
United States (U.S.) Senators Amy Klobuchar (D-MN) and Michael Bennet (D-CO) and Representative Elissa Slotkin (D-MI) “introduced two pieces of bicameral legislation to strengthen media literacy education to teach Americans the skills to identify online misinformation and disinformation:” The “Digital Citizenship and Media Literacy Act” (S.4490) would create a grant program at the Department of Commerce to teach students digital citizenship and media literacy skills to help them think critically about online content…[and] [t]he “Veterans Online Information and Cybersecurity Empowerment (VOICE) Act” (S.4493) would create a grant program at the Department of Veterans Affairs (VA) to teach veterans digital and media literacy skills as well as cybersecurity best practices to identify disinformation and online scams.
The European Commission acknowledged “unannounced inspections at the premises of companies active in the online ordering and delivery of food, groceries and other consumer goods in two Member States” due to “concerns that the companies concerned may have violated Article 101 of the Treaty on the Functioning of the European Union, which prohibits cartels and restrictive business practices.”
Tweet of the Day
“Twitter Stock Drops After Elon Musk Looks to End Deal” and “Twitter Sends Letter to Elon Musk Saying Effort to Terminate Deal ‘Invalid and Wrongful’” — Wall Street Journal
“How Elon Musk Damaged Twitter and Left It Worse Off” By Kate Conger and Mike Isaac — New York Times
“Elon Musk Doesn’t Seem To Realize That Twitter Is Already A Free Speech Warrior In Countries Where It Actually Matters.” By Pranav Dixit — BuzzFeed News
“Report: U.S. diplomacy must adapt to cyberspace’s ‘new realities’” By Martin Matishak — The Record
“The FBI Keeps Losing Desktop Computers” By Joseph Cox — Vice
“2 Data Brokers Pledge to Halt Location Data Collection After Abortion Ruling” By Alexandra Kelley — Nextgov
“Russia Seeks to Punish Expats Who Criticize War on Social Media” By Margi Murphy and Madis Kabash — Bloomberg
“Hackers linked to the Chinese government increasingly target Russia, analysis suggests” By AJ Vicens — Cyberscoop
“Report: Lessons learned from Russia’s cyberattacks targeting Ukraine” By Daryna Antoniuk — The Record
“Senior Biden officials to brief senators on semiconductor chips” By David Shepardson — Reuters
“Lawmakers tell Facebook to stop deleting abortion posts for no reason” By Ashley Belanger — Ars Technica
“Exclusive: Trump left Sarasota media company weeks before federal subpoenas were issued” By Chris Anderson — Sarasota Herald-Tribune
“US defence firm ends talks to buy NSO Group’s surveillance technology” By Stephanie Kirchgaessner — The Guardian
“Digital repression across borders is on the rise” By David Silverberg — MIT Technology Review
“Russian information operations focus on dividing Western coalition supporting Ukraine” By AJ Vicens — Cyberscoop
“TikTok owner ByteDance to launch new social media app for young users that will rival Instagram-like service Xiaohongshu” By Coco Feng — South China Morning Post
“Predatory Sparrow: Who are the hackers who say they started a fire in Iran?” By Joe Tidy — BBC
“EU spyware inquiry fails to put Spain on list of fact-finding trips” By Antoaneta Roussi — Politico EU
§ 12 July
o The European Data Protection Board will hold a plenary meeting with this agenda.
§ 13-14 July
o The United States (U.S.) National Institute of Standards and Technology’s (NIST) Information Security and Privacy Advisory Board (ISPAB) will hold a meeting
§ 14 July
o The United States (U.S.) Federal Communications Commission (FCC) will hold an open meeting with this agenda:
§ Enhanced Competition Incentive Program for Wireless Radio Services. The Commission will consider a Report and Order and Second Further Notice of Proposed Rulemaking that would incentivize beneficial transactions for small carriers, Tribal nations, and rural interests. (WT Docket No. 19-38)
§ Updating the Intercarrier Compensation Regime to Eliminate Access Arbitrage. The Commission will consider a Further Notice of Proposed Rulemaking to modify its access stimulation rules to address ongoing harmful arbitrage of the Commission’s intercarrier compensation regime that imposes costs ultimately borne by interexchange carriers and their customers. (WC Docket No. 18-155)
§ Supporting Survivors of Domestic and Sexual Violence. The Commission will consider a Notice of Inquiry seeking comment on ways in which it can assist survivors of domestic violence, sexual violence, dating violence, intimate partner violence, human trafficking, or stalking through the Commission’s Lifeline and Affordable Connectivity Programs. The Notice also seeks comment on how the Commission might protect survivors’ communications records with support organizations. (WC Docket Nos. 11-42, 21-450, 22-238)
§ Updating Resources Used to Determine Local TV Markets. The Commission will consider a Notice of Proposed Rulemaking that would begin the process of updating its rules to use the most up-to-date market information for determining a television station’s local market for carriage purposes. (MB Docket No. 22-239)
§ Removing Obsolete Analog-Era Provisions from Part 74 Rules. The Commission will consider an Order and Sixth Notice of Proposed Rulemaking that would amend its Part 74 rules for low-power television and television translators to remove obsolete rules for analog TV operations. (MB Docket No. 03-185)
§ Enforcement Bureau Action. The Commission will consider an enforcement action.
o The United States (U.S.) Senate Banking, Housing, and Urban Affairs Committee will hold a hearing titled “Advancing National Security and Foreign Policy Through Export Controls: Oversight of the Bureau of Industry and Security.”
o The United States (U.S.) Senate Homeland Security & Governmental Affairs Committee will hold a hearing titled “Protecting the Homeland from Unmanned Aircraft Systems.”
§ 19 October
o The United States (U.S.) Federal Trade Commission (FTC) will hold a virtual event “to examine how best to protect children from a growing array of manipulative marketing practices that make it difficult or impossible for children to distinguish ads from entertainment in digital media.”
§ 1 November
o The United States (U.S.) Federal Trade Commission (FTC) will hold PrivacyCon.