If you use #biometric means for #commercial purposes, not just a way for your employees to #authenticate to company devices/facilities, the #FTC is putting you on notice. Only 3 states (as of today) have #Biometric #Privacy #Laws in place - more than a dozen are working on #legislation now. The #ADPPA will have provisions for Biometric Privacy with regards to commercial use, but that's probably 12-18 months out (at least) from becoming a law. Check this article out. #Illinois isn't playing around: https://www.scmagazine.com/news/identity-and-access/ftc-to-crack-down-on-biometric-tec[…]GxNNIwwXOzak6aUeaAfVN26zQDToKa3VkfI6YAs3wvdfv-Woge99JpOxqlA

#PrivacyLaws #CyberSecurity #ThreatIntelligence #WatchYourAsses

@sippey as #PrivacyFramework hovers on the verge of collapse and the #ADPPA is on life support, I'm 1000000% positive that this #GOP can lead us to federal #privacy law and #FISA reform to solve the intractable EU-US cross border data transfers issue that's plagued us since #Schrems went tilting at Facebook's windmills for the first time nearly a decade ago.

RT @keir_lamont@twitter.com

The ninth comprehensive state privacy bill introduced this year is the Massachusetts Data Privacy Protection Act (SD 757)

Looks like the first new bill to contain elements directly inspired by the #ADPPA - data civil rights, privacy by design, etc

Link: https://malegislature.gov/Bills/193/SD757

🐦🔗: https://twitter.com/keir_lamont/status/1616034101559001089

@privacat @DLT @nexusofprivacy Also locking in privacy legislation that lets companies share data with bounty hunters and law enforcement in states that have criminalized abortion and gender-affirming care (and all the other ways #ADPPA doesn't protect pregnant people or LGBTQ+ people) aligns with the GOP's priorities. Just look at the examples in this thread.

@privacat @nexusofprivacy I'm with @DLT on this. Plenty of centrist Dems support the current watered-down business-friendly version of #ADPPA. Pelosi has been strong this session, as has Cantwell; but then again Schumer's mighty friendly to Big Tech (and so are Biden and Harris) so there'll be a lot of pressure on Cantwell next session.

And, DC-based privacy organizations are continuing to advocate for ADPPA. Here's CDT, just a few minutes ago

https://twitter.com/CenDemTech/status/1604902094745792512

@ali That's the stated spirit of the laws and I think a lot of legislators actually believe it but the wording undercuts it. #ADPPA claims to have deletion rights but as well as the "public data" exception there are big loopholes even for Twitter DMs

https://mastodon.social/@jdp23@indieweb.social/109538470819767073 and its parent post have more.

As @mikarv has discussed Twitter DMs *are* covered by GDPR's deletion rights but I'm not sure what exceptions are in place.

@mikarv @ali

@ali I think the GDPR's "right to erasure" (aka right to be forgotten) relates to this, but I'm not an expert on that so don't know if it covers this particular case.

https://gdpr-info.eu/art-17-gdpr/

Under the proposed #ADPPA, these would be considered public data -- which is exempt, so there's no privacy right.

From this description, it seems like they'd be public under CCPA/CPRA as well.

https://www.truevault.com/learn/ccpa/what-is-publicly-available-information-under-the-ccpa

@nexusofprivacy Not really. #ADPPA's section 203 gives people the right to delete the data companies have on them, which seems like it would address the problem. But in reality there are some loopholes that would be easy for Twitter to exploit.

For example, ADPPA lets Twitter ignore deletion requests that interfere with "investigations" (§203(e)(3)(A)(vii)) – like the Twitter Files "investigation" that's currently getting press.

RT @EPICprivacy@twitter.com

"The next Congress should recognize what is sitting in its lap: a carefully crafted, comprehensive framework to protect data privacy rights after years of inaction have allowed the surveillance economy to grow unbothered and unaccountable." #ADPPA https://www.washingtonpost.com/opinions/2022/12/08/tech-privacy-bill-bipartisan-congress/

🐦🔗: https://twitter.com/EPICprivacy/status/1600944255916077056

My good friend at DNSFilter, Alex Applegate, wrote a very well-thought out piece on the American Data Privacy and Protection Act - check it out on The Hill.

"The bill ... represents a step forward in how the nation protects people’s rights — and their data"

#ADPPA

https://thehill.com/opinion/technology/3668597-data-privacy-bill-is-flawed-but-necessary/

RT @cobun@twitter.com

Setting aside the title question, this piece from Cam Kerry includes a comprehensive analysis of the difference between #ADPPA and CPRA/CCPA. https://twitter.com/cam_kerry/status/1593648979027415040

🐦🔗: https://twitter.com/cobun/status/1594784378567200785

"As Nancy Pelosi winds down her remarkable leadership run, she holds the fate of national #privacy legislation in her hands. If she brings the #ADPPA to the House floor, it is likely to pass with a bipartisan vote."

https://www.brookings.edu/blog/techtank/2022/11/18/will-california-be-the-death-of-national-privacy-legislation/

By @Cam_Kerry

RT @jduballreports@twitter.com

I'm intrigued by the possibility of privacy taking priority here and could certainly see the bill passing... the Senate. Have to think the House will receive the bill and wonder why it can't be incorporated into #ADPPA and resist full consideration until it is. https://twitter.com/commercedems/status/1592617915836432384

🐦🔗: https://twitter.com/jduballreports/status/1592833271322509312

American Data Privacy and Protection Act (#ADPPA)
versus
California Privacy Rights Act (#CPRA)

The Bipartisan House Privacy Bill Would Surpass State Protections
by Stacey Gray

https://www.lawfareblog.com/bipartisan-house-privacy-bill-would-surpass-state-protections

Federal privacy legislation that protects civil rights is critical for all Americans
by Bertram Lee

https://thehill.com/opinion/congress-blog/3568525-federal-privacy-legislation-that-protects-civil-rights-is-critical-for-all-americans/