A newly introduced bipartisan bill seeks to provide individuals with increased control over the sharing of data with services designed to notify them if they have been exposed to the COVID-19 coronavirus.
Proposed by U.S. Senators Maria Cantwell (D-WA), ranking member of the Senate Committee on Commerce, Science and Transportation, and Bill Cassidy (R-LA), and sponsored by U.S. Senator Amy Klobuchar (D-MN), the legislation seeks to both protect consumer privacy and promote public health.
Automated exposure notification services (including websites, online services and applications, mobile apps and platforms) are set to be released in the coming weeks to help track the spread of the COVID-19 virus and deliver notifications to individuals who might have been exposed.
The Exposure Notification Privacy Act makes participation in these exposure notification systems voluntary, based on affirmative, express consent, and also provides consumers with increased control over their data. It also allows individuals to withdraw at any time and to have their data deleted per request, and limits the types of data that can be collected to that which is necessary for the purpose of the system. Commercial use of this data is prohibited.
Furthermore, the bill makes it “unlawful to discriminate against, or otherwise make unavailable to an individual, any place of public accommodation based on data collected or processed through an automated exposure notification service.”
The legislation requires public health officials to be involved in the deployment of exposure notification systems and prohibits services that are not operated by or in collaboration with a public health authority. It also requires that only medically-authorized diagnoses be submitted.
The bill seeks to create strong cybersecurity and breach notification safeguards, empowers federal and state authorities (the Federal Trade Commission and State Attorneys General) to pursue violators and allows the FTC to pursue civil penalties for first-time violations.
“Public health needs to be in charge of any notification system so we protect people’s privacy and help them know when there is a warning that they might have been exposed to COVID-19,” Senator Cantwell said.
Related: Surveillance Bill Vote Scrapped After Opposition From Trump, DoJ
Related: Bipartisan Bill Aims to Reform NSA Surveillance of Americans
Related: Proposed Bill Seeks to Protect Researchers Disclosing Classified Government Backdoors

More from Ionut Arghire
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Atlassian Warns of Critical Jira Service Management Vulnerability
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Malicious NPM, PyPI Packages Stealing User Information
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
