decentralized-id.github.io/identosphere-dump/public_sector/usa.md
2022-12-12 06:09:55 -05:00

10 KiB
Raw Blame History

United States

  • Consumer Online Privacy Rights Act (COPRA) (Democrats) Sponsored in November 2019 by Democratic Senator Maria Cantwell of Washington, this bill is considered by some to be “GDPR-esque” and more consumer than business friendly.
  • Setting an American Framework to Ensure Data Access, Transparency and Accountable Ability Act (SAFE DATA Act) (GOP) Combining three previous bills, the SAFE DATA Act is considered by some as more “business friendly”.
  • Information Transparency and Personal Data Control Act – Re-introduced by Congresswoman Suzan DelBene (WA-01) for the fourth time (the latest on March 10, 2021), this bill “… protects personal information including data relating to financial, health, genetic, biometric, geolocation, sexual orientation, citizenship and immigration status, Social Security Numbers, and religious beliefs. It also keeps information about children under 13 years of age safe. ”Beyond this it requires businesses to write their privacy policies in simple language.“

The sunk cost of centralized databases is not an obstacle to decentralization. Verifiable credentials can be easily layered onto existing systems for better security. They can be used as a tool for orchestrating complexities across multiple identity management systems and databases so that they become privacy preserving and fraud resistant.

  • The Federal Trade Commission would have to maintain a public registry of data brokers and present a way for users to opt out of targeted advertisements and other data sharing practices.
  • Consumers could access, correct and delete their own data and companies would have to tell third parties to change user data where users request it.

If a business has had an annual revenue less than “$41 million, did not collect or process the data of more than 100,000 individuals, and did not derive more than 50% of revenue from transferring personal information” in the last three years, they are not considered a covered entity in this bill.

The FTC is issuing an advanced notice of proposed rule-making to address commercial surveillance, the “business of collecting, analyzing, and profiting from information about people”. [...] The public can offer input on the FTC notice and the commission will hold a virtual public forum on 8 September.

I know almost everyone can probably find something that they wished were different in the bill. On the other hand, I do think we have a band-aid for the American people who are just fed up with the lack of privacy online

We must promote access to safe and affordable financial services.  Many Americans are underbanked and the costs of cross-border money transfers and payments are high.  The United States has a strong interest in promoting responsible innovation that expands equitable access to financial services, particularly for those Americans underserved by the traditional banking system, including by making investments and domestic and cross-border funds transfers and payments cheaper, faster, and safer, and by promoting greater and more cost-efficient access to financial products and services.  The United States also has an interest in ensuring that the benefits of financial innovation are enjoyed equitably by all Americans and that any disparate impacts of financial innovation are mitigated.

Responding to the experiences of the American public, and informed by insights from researchers, technologists, advocates, journalists, and policymakers, this framework is accompanied by From Principles to Practice—a handbook for anyone seeking to incorporate these protections into policy and practice

The Utah bill, on the other hand, allows public agencies to use facial recognition as long as certain guidelines are followed. Most notably, law enforcement officers must submit a written request before performing a facial recognition search, and must be able to provide a valid reason for doing so.  for financial institutions.

Specifically, the FTC will be more closely monitoring all companies covered by the Childrens Online Privacy Protection Act of 1998 (COPPA), with particular attention to ed tech, to ensure that children have access to educational tools without being subject to surveillance capitalism.

  • GDPR: Everything you need to know - is a great post by authentic explaining it at a high level that we thought would be helpful to those trying to orient. This is a round-up from Ally Medina (who was at IIW). She worked on getting AB 2004 passed in California that permitted Verifiable Credentials to be used for Covid-19 test results. It covers other California developments too.

Hearings in Wyoming this week. Go to this page and click on the 11/2/2020 meeting details. The section of interest is the 9:30 am (Wyoming time) discussion on Disclosure of private cryptographic keys.

In this article, well try to summarize the key points surrounding the infrastructure bill and the effect it has on crypto.

  • Establish a task force made up of key federal agencies and state representatives.
  • Direct NIST to create a new framework of standards to guide agencies in implementing identity systems.
  • Establish a grant program within the DHS to support states in upgrading.

January Walker is running for office in Utahs 4th district

FTC begins a process around regulating Commercial Surveillance and ensuring Data Security

The comments on its 95 questions are due October 21.

See the comments Kaliya made in her 2 min along with links to the questions and more information about the process.

USCIS make public announcement about their plants to use Verifiable Credentials for Immigration credentials

Very interesting #FedID presentation on @USCIS plans for digital immigration credentials. Looking to use the @w3c Verifiable Credentials standard - this may be the first use of VCs at scale in the US government.

Self-Sovereign Identity and each individual's responsibility to safeguard their identity are crucial for the protection of personal data.

The IRS will use ID.me's authentication and identity proofing service exclusively starting sometime this summer. The identity proofing portion employs facial scanning by a third party, causing some concern.

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me

  • THE IRS AND ID.ME: PRIVACY OPTIONAL Trust Over IP

    While it is not clear why the IRS would relinquish this extremely sensitive capability in its entirety to a single, private-sector entity using a proprietary solution, there are clues