New Illinois Privacy Laws, If Passed, Would Lead Nation as Bulwark Against Federal Deregulation

Posted on March 29, 2017

Illinois state lawmakers are now deliberating on new legislation aimed at solidifying internet user privacy and which, if passed, would constitute some of the most robust such protections in the nation. Of the three proposals, the principal bill under consideration would mandate that all companies which collect and/or transfer user data, whether by sale, exchange, or any other means, must disclose to users what data is retained or transferred. Another proposed regulation would impose limits on when sites, services, or applications are allowed to request smartphone location data, while a third would restrict the ability of internet-connected devices ranging from smartphones to Internet of Things devices, such as smart assistants like the Amazon Echo or smart TVs, to record audio data via microphone.

Not only could these Illinois regulations, if adopted, encourage other states to follow suit, but they may incentivize companies to adopt more robust overall privacy protections to mitigate the cost of offering products with different privacy protections in different markets. If enough states follow Illinois’s lead, tech companies are likely to simply market a product compliant with the most comprehensive of these regulations to all states in order to avoid having to hire separate development teams for separate state markets.

Efforts in Illinois represent only the latest initiative at the state level to enshrine privacy safeguards for users, as the proliferation of privacy-minded regulations is already well underway in states across the country. Various states legislatures have already passed measures to limit the digital records which the government may retain and bar employers from scrutinizing employees’ social media activity, such as by compelling them to surrender social media account access.

This recent push by the Illinois state legislature comes amid the federal government’s swift moves to dismantle protections for user online privacy. The FCC has already authorized the suspension of privacy regulations imposed under prior administrations. More troublingly, both the Senate and the House voted to allow ISPs to sell user data without user consent or choice to opt out, leaving only President Trump’s signature in the way of the measure’s approval. 

In this climate, state legislation could not be more timely, as state and local regulations take precedence over federal policies. However, in spite of regulatory measures’ support from coalitions between democrats and libertarian-leaning republicans who share a belief in the sanctity of citizens’ right to privacy, their passage is not a given. Pushback to the proposed Illinois statutes from tech and telecom companies has been particularly aggressive, and citizens will likely need to voice their support for the proposals to buoy privacy-minded lawmakers.

All three bills are currently being reviewed by the Illinois House’s Cybersecurity, Data Analytics, & IT Committee. Anyone seeking to show voice support for the Right to Know Act (HB2774), Geolocation Privacy Protection (HB3449), or Microphone-Enabled Devices Act (HB3819) should contact their representative in the Illinois House. As an Illinois Senate version of the Right to Know Act (SB1502) is also presently up for consideration in committee, those interested in endorsing the proposal should contact their representatives in the Illinois Senate as well. 

You can find the full story from The New York Times here.