If you have never heard of US senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.), then you should start to familiarise yourself now. These two senators are pushing a privacy “bill of rights” to cover American consumers data. This is a massive step in the right direction and seems to cover a lot of similar areas to the European Union’s General Data Protection Regulation (GDPR).
The bill is called the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) and despite the name being an obvious play to have an acronym that people remember, would require the US Federal Trade Commission (FTC) to set up protection for the privacy of customer’s data with ‘Edge providers’.
If you have never heard the term ‘Edge provider’, don’t worry, most outside the US haven’t. Essentially, ‘Edge provider’ is a term the Federal Communications Commision (FCC) coined in reference to any provider that, as a provider, is an “individual or entity that provides any content, application, or service over the Internet, and any individual or entity that provides a device used for accessing any content, application, or service over the Internet.”
The CONSENT Act has a lot of similarities to the GDPR and mandates that the FTC require all edge providers to:
- Obtain opt-in consent from users to use, share, or sell users’ personal information
- Develop reasonable data security practices
- Notify users about all collection, use, and sharing of users’ personal information
- Notify users in the event of a breach
This is all things that we as consumers would have expected were in place already, but no, the wild west of the treatment of data (as shown by the Cambridge Analytica, Equifax, LinkedIn scandals of the last few years) would say otherwise.
For digital marketers, the same approach to the GDPR should be taken. This is the perfect time for us to audit our own systems and practices to ensure we are upholding best practice and have the consumers at heart. If you are not sure what that means (Facebook), then use the GDPR and CONSENT as a good starting point.