Bill | Sponsor | Outlook |
Delay HIPAA movement | Rep. John Shadegg (R-Ariz.) and Sen. Larry Craig (R-Idaho) have both introduced bills that would stall implementation of the health privacy rules until 2004. Bill numbers: HR 1975 and S 836 | Unlike global warming, President Bush doesn't believe that health privacy rules need more study. He had the opportunity to delay them and didn't. |
Spam control | Rep. Heather Wilson's (R-N.M.) antispam bill, HR 718, was recently stripped of key provisions (including one that would allow consumers to sue companies that didn't honor opt-out requests) by the House Judiciary Committee. In the Senate, Sens. Conrad Burns (R-Mont.) and Ron Wyden (D-Ore.) have introduced S 630, which is virtually identical to the Wilson bill. | Congress is more likely to ban human cloning this session than spam. Antispam groups worry that the Judiciary version of the Wilson bill is too weak; businesses oppose the bills because they worry legislation will restrict legitimate e-mail marketing. |
Just a suggestion | Rep. Adam Smith (D-Wash.) is championing a resolution, not a law, to encourage the use of Platform for Privacy Preferences (P3P) on Web sites. His web site is P3P-compliant, by the way. | Lawmakers generally oppose suggesting any specific technological solutions. |
The "study it and maybe it'll go away" bill |
Reps. Asa Hutchinson (R-Ark.) and James Moran (D-Va.) have proposed creating a 17-member congressional commission to study privacy for 18 months. | This bill has a shot at passing in the House. The Senate is a big question mark. But all it will accomplish is to delay the privacy debate for two years. Such studies rarely change the issues or bring Congress to a consensus on the issue |
Opt-in vs. opt-out | Sen. Dianne Feinstein (D-Calif.) recently introduced her own privacy bill, S 1055, favoring opt-in rules. But other key senators, including John McCain (R-Ariz.) and possibly Fritz Hollings (D-S.C.), will soon file opposing bills on the same topic. | Feinstein supports opt-in standards. McCain likes "opt-out." Don't expect quick action. |
I-Spy | The Spyware Control and Privacy Protection Act of 2001, S 197, would require companies to get end-user permission to track Internet use. The legislation is ostensibly directed at so-called spyware -- software that includes tracking capabilities, with disclosure typically buried in licensing agreements. However, the bill's language is broad and may possibly include the use of cookies under some interpretations of this legislation. Sponsored by Sen. John Edwards (D-N.C.). | A new bill, with a long way to go. |
Gramm-Leach- Bliley-Sarbanes on the way. |
Privacy advocates believe the Gramm-Leach-Bliley Act of 1999 does little to protect consumer privacy. Sen. Paul Sarbanes (D-Md.) wants to fix that in a bill, S 30, that would amend this sweeping financial modernization legislation with tougher privacy rules. | Thanks to the Senate leadership shake-up, Sarbanes is now chairman of the Senate Banking Committee. He controls the agenda. Watch out. |
Security Risk and Reward
Stories in this report:
- Want to Save Some Money? Automate Password Resets
- Knowldge Quest
- Companies Need Security Pros With More Varied Skills
- Finding Answers
- The Enemy Within
- The Threat of XML
- SOAP, Other Protocols Specify Security for XML
- The Problem With Power
- Top 10 Security Mistakes
- Playing By Europe's Rules
- False Alarm?
- An Ounce of Intrusion Prevention
- Deadly Pursuit
- IDS Products and Prices
- Should You Outsource IDS?
- Who He Is
- Manager Offers Primer On Computer Forensics
- Unlocking Secure Online Commerce
- Too Late For Digital Certificates?
- Giving Users Back Their Privacy
- Feeling Safe With IT Security Deals
- Finjan's Software Bolcks Active Content Threat
- Security Statistics
- The Guardian
- Congress Considers Slew of Bills That Will Affect IT, E-Commerce
- U.S. Legislators Ponder Masses of Bills; Outlook Remains Murky
- Rule Changes May Further Protect Company Security Data
- Getting Started in Computer Forensics
- PKI Carries the Mail for U.S. Postal Service
- Security by Syntax