12 KiB
United States
- A US National Privacy Law Looks More Likely Than Ever
from the plethora of federal privacy bills put forward, there are three standouts:
- Consumer Online Privacy Rights Act (COPRA) (Democrats) – Sponsored in November 2019 by Democratic Senator Maria Cantwell of Washington, this bill is considered by some to be “GDPR-esque” and more consumer than business friendly.
- Setting an American Framework to Ensure Data Access, Transparency and Accountable Ability Act (SAFE DATA Act) (GOP) – Combining three previous bills, the SAFE DATA Act is considered by some as more “business friendly”.
- Information Transparency and Personal Data Control Act – Re-introduced by Congresswoman Suzan DelBene (WA-01) for the fourth time (the latest on March 10, 2021), this bill “… protects personal information including data relating to financial, health, genetic, biometric, geolocation, sexual orientation, citizenship and immigration status, Social Security Numbers, and religious beliefs. It also keeps information about children under 13 years of age safe. ”Beyond this it requires businesses to write their privacy policies in simple language.“
- ID.me and the future of biometric zero trust architecture Mike Vesey of IDRamp
The sunk cost of centralized databases is not an obstacle to decentralization. Verifiable credentials can be easily layered onto existing systems for better security. They can be used as a tool for orchestrating complexities across multiple identity management systems and databases so that they become privacy preserving and fraud resistant.
- The Federal Trade Commission would have to maintain a public registry of data brokers and present a way for users to opt out of targeted advertisements and other data sharing practices.
- Consumers could access, correct and delete their own data and companies would have to tell third parties to change user data where users request it.
- What is the American Data Privacy and Protection Act? IdentityReview
If a business has had an annual revenue less than “$41 million, did not collect or process the data of more than 100,000 individuals, and did not derive more than 50% of revenue from transferring personal information” in the last three years, they are not considered a covered entity in this bill.
The FTC is issuing an advanced notice of proposed rule-making to address commercial surveillance, the “business of collecting, analyzing, and profiting from information about people”. [...] The public can offer input on the FTC notice and the commission will hold a virtual public forum on 8 September.
I know almost everyone can probably find something that they wished were different in the bill. On the other hand, I do think we have a band-aid for the American people who are just fed up with the lack of privacy online
- Executive Order on Ensuring Responsible Development of Digital Assets White House - President Biden
We must promote access to safe and affordable financial services. Many Americans are underbanked and the costs of cross-border money transfers and payments are high. The United States has a strong interest in promoting responsible innovation that expands equitable access to financial services, particularly for those Americans underserved by the traditional banking system, including by making investments and domestic and cross-border funds transfers and payments cheaper, faster, and safer, and by promoting greater and more cost-efficient access to financial products and services. The United States also has an interest in ensuring that the benefits of financial innovation are enjoyed equitably by all Americans and that any disparate impacts of financial innovation are mitigated.
- Blueprint for an AI Bill of Rights - MAKING AUTOMATED SYSTEMS WORK FOR THE AMERICAN PEOPLE Whitehouse.Gov
Responding to the experiences of the American public, and informed by insights from researchers, technologists, advocates, journalists, and policymakers, this framework is accompanied by From Principles to Practice—a handbook for anyone seeking to incorporate these protections into policy and practice
The Utah bill, on the other hand, allows public agencies to use facial recognition as long as certain guidelines are followed. Most notably, law enforcement officers must submit a written request before performing a facial recognition search, and must be able to provide a valid reason for doing so. for financial institutions.
Specifically, the FTC will be more closely monitoring all companies covered by the Children’s Online Privacy Protection Act of 1998 (COPPA), with particular attention to ed tech, to ensure that children have access to educational tools without being subject to surveillance capitalism.
- GDPR: Everything you need to know - is a great post by authentic explaining it at a high level that we thought would be helpful to those trying to orient. This is a round-up from Ally Medina (who was at IIW). She worked on getting AB 2004 passed in California that permitted Verifiable Credentials to be used for Covid-19 test results. It covers other California developments too.
Hearings in Wyoming this week. Go to this page and click on the 11/2/2020 meeting details. The section of interest is the 9:30 am (Wyoming time) discussion on Disclosure of private cryptographic keys.
- The Infrastructure Bill and What it Holds for Crypto SelfKey Foundation
In this article, we’ll try to summarize the key points surrounding the infrastructure bill and the effect it has on crypto.
-
[...]
-
Foster Introduces Bipartisan Digital Identity Legislation that would:
- Establish a task force made up of key federal agencies and state representatives.
- Direct NIST to create a new framework of standards to guide agencies in implementing identity systems.
- Establish a grant program within the DHS to support states in upgrading.
January Walker is running for office in Utah’s 4th district
FTC begins a process around regulating Commercial Surveillance and ensuring Data Security
The comments on its 95 questions are due October 21.
See the comments Kaliya made in her 2 min along with links to the questions and more information about the process.
USCIS make public announcement about their plants to use Verifiable Credentials for Immigration credentials
Very interesting #FedID presentation on @USCIS plans for digital immigration credentials. Looking to use the @w3c Verifiable Credentials standard - this may be the first use of VCs at scale in the US government.
Self-Sovereign Identity and each individual's responsibility to safeguard their identity are crucial for the protection of personal data.
- IRS Using Facial Scanning Phil Windley
The IRS will use ID.me's authentication and identity proofing service exclusively starting sometime this summer. The identity proofing portion employs facial scanning by a third party, causing some concern.
- IRS Will Soon Require Selfies for Online Access Krebs on Security
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me
-
THE IRS AND ID.ME: PRIVACY OPTIONAL Trust Over IP
While it is not clear why the IRS would relinquish this extremely sensitive capability in its entirety to a single, private-sector entity using a proprietary solution, there are clues
-
Excelsior Pass Plus to be recognized out of state, internationally WGRZ
Excelsior Pass Plus will be compatible with the globally recognized SMART Health Cards Framework developed by VCI. VCI is a coalition of 570 public and private organizations including major health networks and Microsoft.
-
One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment.
-
New Directions for Government in the Second Era of the Digital Age Kuppinger Cole
The Blockchain Research Institute™, in collaboration with the Washington DC based Chamber of Digital Commerce and other experts have produced a 120-page report on how the Biden-Harris administration could reimagine US technology strategy and policy—and take action to implement it.