H.R.4517 - APPS Act of 2016114th Congress (2015-2016)
|Sponsor:||Rep. Johnson, Henry C. "Hank," Jr. [D-GA-4] (Introduced 02/10/2016)|
|Committees:||House - Energy and Commerce|
|Latest Action:||House - 02/12/2016 Referred to the Subcommittee on Commerce, Manufacturing, and Trade. (All Actions)|
This bill has the status Introduced
Here are the steps for Status of Legislation:
Summary: H.R.4517 — 114th Congress (2015-2016)All Information (Except Text)
Introduced in House (02/10/2016)
Application Privacy, Protection, and Security Act of 2016 or the APPS Act of 2016
This bill directs mobile device application developers, before the application collects personal data about the user, to notify the user and obtain the user's consent regarding the terms and conditions governing the collection, use, storage, and sharing of such personal data.
Excluded from such notice and consent requirements is any "de-identified data" that cannot reasonably be used to identify or infer information about, or otherwise be linked to, a particular individual or mobile device, as determined with a reasonable level of justified confidence based on the available methods and technologies, the nature of the data at issue, and the purposes for which the data will be used.
Developers must: (1) provide users with a method to withdraw such consent and to request that the developer delete personal data or refrain from further data collection or sharing, and (2) take measures to prevent unauthorized access to personal and de-identified data.
Violations are to be treated as unfair or deceptive acts or practices under the Federal Trade Commission Act.
The Federal Trade Commission (FTC) must promulgate regulations to implement and enforce this Act.
States may bring civil actions in federal court on behalf of affected state residents.
Nothing in this Act prohibits a developer from disclosing or preserving personal data or de-identified data as required by other federal laws or, except when superceded by this Act, the laws of a state or political subdivision, including court orders.
A developer may satisfy the requirements of this Act by adopting and following a code of conduct for consumer data privacy that is approved pursuant to FTC regulations.