16 States Introduce New Privacy Protection Measures

The American Civil Liberties Union announced today that sixteen states across the country are introducing bills to protect residents' private data. The bills still need to pass through the legislature in each state.

“We are united in our belief that if the government has a legitimate reason for wanting to access someone’s communications or to use a device to track someone’s movements, it must get a warrant,” Romero and Boldin wrote. “We also believe that if corporations want to track what Americans, including our children, do online, on private social media pages, or in school, they must get clear and express permission to do so. Without a warrant or our permission, they simply shouldn't be doing it.”

I really hope they pass.

But remember, we do have the best government that money can buy, so that's that.

State legislation, not Federal.

Most of these look appropriate, ie protections on personal data and privacy at schools and for employers. These are appropriate protections for individual States to take up and decide for themselves.

When they start trying to apply these protections at the State level to Internet related, (read Interstate Commerce), businesses etc. that are not actually located in their States, say NetFlix. This is where they should instead focus their effort at the Federal level because it won't have any bite, too hard to enforce, etc.

At the same time, people also try and pass legislation at the Federal level that can be passed perfectly well, and should be addressed, at the State level, which is usually why it fails. An example would be requiring background checks on the sale of personally owned firearms, this is a State issue, it's not within the Federal Government's authority to regulate because it is not related Interstate Commerce.

Does this cover when cell phone apps require full access to your microphone? Like a flashlight program wanting access to our text messages and phonebook?

CA should be on that list. The number of schools and students could really benefit on this. Our campus as implemented a lot of question privacy practices regarding computer usage to combat cheating but i feel its borderline monitoring what you do 24/7.

this is kinda a red herring unless they also change the wiretap laws to require law enforcement to actually serve the person in question with the warrant. Many times they will go before a judge with evidence on person a and use it to look for evidence on everyone else that uses that telco office or telco slam. Basically they go to telco with a warrant for someone they have in lock up and then request from the phone company or isp all the records for the past year that used that offices dns look up table. Which means if you use a cell phone that uses multiple towers your records could end up in a court hearing as public info simply because you used the same cell tower as a drug dealer driving through your neighborhood.

I really doubt that they will bring in network engineers to explain to someone who is writing the bill to protect people who have other skills. Like say drafting legal arguments...

The Bills are all individual by State, several use much of the same language I imagine, but to know for sure you should look at that list to see if your State is one of the 16 or so mentioned, see which types of Bills they are looking to pass, then hunt down the Bill language yourself online, It'll be out there.


There are about 10 different types of bills being pushed but most of the states involved are only interested in one or two of them. A few States are interested in protecting kids, others in general school protections and employment, others only seem to want to push back against the the use of Stingrays requiring warrants which is pretty much uselessly stupid. If you think it through, to use a Stingray you need to have a target phone you are looking for, that means you need that ESN or whatever it is, which you would have needed a warrant to get from the guy's service provider. So they already went through the trouble of getting a warrant for the phone's ESN, what's the real point of also requiring a warrant to use it to find the guy? Requiring rapid deletion of the unintended intercept data isn't useless. And I think that we could be cutting our noses off to spite our faces with forcing deletion of license plate data unrelated to a wanted person and instead should be focusing on how the data is accessed and used. Someone steals my car I would be happy if they could hunt it down using that data, I just don't want them selling it off or cross referencing it with other data without legit need, or even searching my plate number and the data without a warrant.

My take.

drakken said:

this is kinda a red herring unless they also change the wiretap laws to require law enforcement to actually serve the person in question with the warrant. Many times they will go before a judge with evidence on person a and use it to look for evidence on everyone else that uses that telco office or telco slam. Basically they go to telco with a warrant for someone they have in lock up and then request from the phone company or isp all the records for the past year that used that offices dns look up table. Which means if you use a cell phone that uses multiple towers your records could end up in a court hearing as public info simply because you used the same cell tower as a drug dealer driving through your neighborhood.

I really doubt that they will bring in network engineers to explain to someone who is writing the bill to protect people who have other skills. Like say drafting legal arguments...

Click to expand...

You want them to serve the target of the wire tap notice? You don't think a law regulating handling of the unrelated data is enough, you think we should completely destroy the entire purpose of electronic surveillance of an individual target. Talk about throwing the baby out with the bathwater.