United States of America: Introduced American Data Privacy and Protection Act including data protection measures

On 21 June 2022, the American Data Privacy and Protection Act is introduced in the United States House of Representatives. The Bill outlines rules on data protection including the prohibition on unnecessary data collection and restricts certain harmful data practices. Further, covered entities are required to implement data collection, processing, and transfer policies that take privacy risks into account, and to provide information about these policies to individuals in a transparent manner. The Bill also gives individuals rights to access, correct, delete, and portability of their data, as well as a right to being provided with a means to consent or object to new uses of their data. Stricter data protection rules apply to children and minors, including prohibitions on targeted advertising to individuals under the age of 17. Additionally, the Bill prohibits covered entities from collecting, processing, or transferring data in a way which discriminates or makes the equal enjoyment of goods or services unavailable based on race, colour, religion, national origin, gender, sexual orientation, or disability. Finally, the Bill specifies that it will preempt the States privacy laws with the exemption of the ones regulating facial recognition technologies, electronic surveillance, wiretapping, health information or the laws that govern the privacy rights of employees and students.