Unwilling to wait any longer for the federal government to act, legislators in Washington State are pushing for tougher rules and greater protections over the personal data that tech companies gather on their consumers.
Companies that fail to comply with the proposed new privacy rules could be meted fines of up to $7,500 per violation.
Monica Nickelsburg filed this report on the Washington State initiative in GeekWire:
The bill, proposed by state Sen. Reuven Carlyle, would give consumers the right to see what data is collected about them and find out whether that information is being sold to a third party. It would require companies to allow consumers to correct inaccurate information, delete their personal data, and object to their personal data being used in direct marketing. The bill would also put new regulations on companies developing facial recognition software, such as the state’s homegrown tech giants Amazon and Microsoft.
[…]
The bill applies to companies that control or process data on more than 100,000 Washington residents and data brokers with information on more than 25,000 Washingtonians. Alben said companies that already comply with Europe’s General Data Protection Regulation, enacted last May, shouldn’t have a hard time complying with the proposed law in Washington.
If enacted, the bill would require companies that collect personal data to be transparent with users about the type of information they’re recording, how they use it, and whether it is shared with third parties. If those companies create profiles about their users for ad targeting, they will have to disclose that before personal data is collected “including meaningful information about the logic involved and the significance and envisaged consequences of the profiling.”
