[Congressional Bills 105th Congress]
[From the U.S. Government Publishing Office]
[H.R. 1964 Introduced in House (IH)]







105th CONGRESS
  1st Session
                                H. R. 1964

       To protect consumer privacy, empower parents, enhance the 
 telecommunications infrastructure for efficient electronic commerce, 
                      and safeguard data security.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             June 19, 1997

  Mr. Markey introduced the following bill; which was referred to the 
                         Committee on Commerce

_______________________________________________________________________

                                 A BILL


 
       To protect consumer privacy, empower parents, enhance the 
 telecommunications infrastructure for efficient electronic commerce, 
                      and safeguard data security.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Communications Privacy and Consumer 
Empowerment Act''.

SEC. 2. FINDINGS.

    The Congress finds the following:
            (1) As our Nation's communications networks continue to 
        grow and become ever more sophisticated, more individuals and 
        industries will be using such networks to conduct commercial 
        transactions.
            (2) It is important to establish personal privacy rights 
        and industry obligations now so that consumers have confidence 
        that their personal privacy is fully protected in our Nation's 
        telecommunications networks.
            (3) The Nation's telecommunications infrastructure must be 
        safe and secure so that economic growth is not threatened due 
        to consumer concern over the electronic ethics of certain 
        cyberspace marketers.
            (4) The Telecommunications Act of 1996 (Public Law 104-104) 
        contains expanded privacy protections for consumers by 
        requiring that telecommunications carriers under the 
        jurisdiction of the Federal Communications Commission obtain 
        consumer approval prior to reusing or selling certain personal 
        information.
            (5) It is becoming increasingly apparent that the existing 
        privacy protections accorded consumers with respect to 
        information gathered by telecommunications carriers are not 
        alone sufficient to protect consumer privacy rights and that 
        further protections are needed to ensure that such rights are 
        retained and respected by other entities doing business in 
        cyberspace.
            (6) In addition to the growing number of businesses and 
        adults getting online, some 5,000,000 young Americans currently 
        use the Internet and this number is expected to grow to more 
        than 15,000,000 by the year 2000.
            (7) Recent media reports indicate that online marketers are 
        gathering personal information from children, in some cases in 
        a deceptive manner.
            (8) Child advocacy groups have also charged that liquor, 
        beer, and tobacco companies are utilizing Web sites to entice 
        children to visit and that such sites' cartoon characters, 
        glitzy features, games, music clips, and other characteristics 
        promote their products and foster underage drinking and 
        smoking.
            (9) In addition to the work performed by the Federal 
        Communications Commission in regulating our Nation's 
        telecommunications networks, the Federal Trade Commission 
        continues to have the task of ensuring that online marketers 
        and businesses do not engage in deceptive or fraudulent 
        practices. The Commission's privacy workshop in June 1997 has 
        developed a needed record of industry privacy practices that 
        can serve as the basis for Commission action, if needed.
            (10) The ease of gathering and compiling personal 
        information in cyberspace, both overtly and surreptitiously, is 
        becoming increasingly efficient and almost effortless due to 
        advances in digital telecommunications technology. As a result, 
        information gatherers are able to compile highly detailed 
        personal histories of both children and adults who are network 
        users.
            (11) Regardless of the technology that consumers use, their 
        privacy rights and expectations remain a constant. Consumers 
        must have knowledge that personal information is being 
        collected about them; consumers must be given conspicuous 
        notice if the recipient of that information intends to reuse it 
        for other purposes, or disclose, or sell it; and consumers must 
        have the ability to control the extent to which personal 
        information is collected about them and the right to prohibit 
        or curtail any unauthorized use, reuse, disclosure, or sale of 
        their personal information.
            (12) Our Nation's communications networks, including the 
        Internet, have developed extremely rapidly over recent years, 
        and changes in standards, protocols, and digital technologies 
have enabled consumers to make decisions about access to information 
and services, such as the types of content on the Internet.
            (13) New innovative technology may empower consumers and 
        parents to better control dissemination of personal information 
        by restoring decisionmaking power to the consumer or parent. 
        Technological tools may also help parents block access to Web 
        sites containing inappropriate material for their children.
            (14) Industry efforts, with Government encouragement and 
        oversight, to assist consumers through the development of 
        standards, protocols, and practices for the collection and 
        dissemination of personal information is critical to help 
        parents and consumers better control dissemination of their 
        personal information.
            (15) Adoption of strong, fair information policies, 
        standards, and practices, along with the widespread 
        implementation and utilization of consumer empowerment tools, 
        may limit the need for Government regulation of personal 
        information collection and dissemination practices on the 
        Internet or other telecommunications media.

           TITLE I--CONSUMER PRIVACY AND PARENTAL EMPOWERMENT

SEC. 101. FEDERAL TRADE COMMISSION EXAMINATION.

    (a) Proceeding Required.--Within 6 months after the date of 
enactment of this Act, the Federal Trade Commission shall commence a 
proceeding--
            (1) to determine whether consumers are able, and, if not, 
        the methods by which consumers may be enabled--
                    (A) to have knowledge that consumer information is 
                being collected about them through their utilization of 
                various telecommunications services and systems;
                    (B) to receive conspicuous notice that such 
                information could be used, or is intended to be used, 
                without authorization by the entity collecting the data 
                for reasons unrelated to the original communications, 
                or that such information could be sold (or is intended 
                to be sold) to other companies or entities; and
                    (C) to exercise control over the collection of 
                personal information and to stop the unauthorized use, 
                reuse, disclosure, or sale of that information;
            (2) to determine whether, in the case of consumers who are 
        children, the abilities described in subparagraphs (A), (B), 
        and (C) of paragraph (1) are or can be exercised by their 
        parents;
            (3) to propose changes in the Commission's regulations as 
        necessary to correct any defects identified pursuant to this 
        section in the privacy rights and remedies of parents and 
        consumers generally;
            (4) to solicit and review comment from the public and the 
        National Telecommunication and Information Administration on 
        the changes proposed pursuant to paragraph (3);
            (5) to prepare recommendations to the Congress for any 
        legislative changes required to correct such defects; and
            (6) to determine--
                    (A) whether parents are able, and if not, the 
                methods by which parents may be enabled, to block 
                access to content accessible via the Internet, or other 
                computer networks, that promotes alcoholic products or 
                tobacco products; and
                    (B) whether alcohol and tobacco companies maintain 
                Internet sites that promote, glamorize, and market 
                alcohol and tobacco products in a manner that is 
                directed at children.
    (b) Schedule for Federal Trade Commission Responses.--The Federal 
Trade Commission shall, within 1 year after the date of enactment of 
this Act--
            (1) complete any rulemaking required to revise Commission 
        regulations to correct any defects in such regulations 
        identified pursuant to subsection (a); and
            (2) submit to Congress a report containing the 
        recommendations required by subsection (a)(5).

SEC. 102. FEDERAL COMMUNICATIONS COMMISSION EXAMINATION.

    (a) Proceeding Required.--Within 6 months after the date of 
enactment of this Act, the Federal Communications Commission shall 
commence a proceeding--
            (1) to examine the impact of interconnected communications 
        networks of telephone, cable, satellite, wireless devices, and 
        other technologies on the privacy rights and remedies of the 
        consumers of those technologies, as described in paragraphs (1) 
        and (2) of section 101(a);
            (2) to determine whether consumers are able, and, if not, 
        the methods by which consumers may be enabled to exercise such 
        rights and remedies;
            (3) to determine whether common carriers have taken 
        adequate steps to secure the communications infrastructure and 
        its components against unauthorized interception of 
        communications and other personal information;
            (4) to propose changes in the Commission's regulations to 
        ensure that the effect on consumer privacy rights is considered 
        in the introduction of new telecommunications services and that 
        the protection of such privacy rights and network security is 
        incorporated as necessary in the design of such services or the 
        rules regulating such services;
            (5) to propose changes in the Commission's regulations as 
        necessary to correct any defects identified pursuant to this 
        section in such rights, remedies, and security;
            (6) to solicit and review comment from the public and the 
        National Telecommunication and Information Administration on 
        the changes proposed pursuant to paragraph (5); and
            (7) to prepare recommendations to the Congress for any 
        legislative changes required to correct such defects.
    (b) Schedule for Federal Communications Commission Responses.--The 
Federal Communications Commission shall, within 1 year after the date 
of enactment of this Act--
            (1) complete any rulemaking required to revise Commission 
        regulations to correct defects in such regulations identified 
        pursuant to subsection (a); and
            (2) submit to the Congress a report containing the 
        recommendations required by subsection (a)(6).

SEC. 103. PARENTAL EMPOWERMENT THROUGH MARKETPLACE SOLUTIONS.

    (a) Software to Protect Children.--Section 230 of the 
Communications Act of 1934 (47 U.S.C. 230) is amended--
            (1) by redesignating subsections (d) and (e) as subsections 
        (e) and (f), respectively;
            (2) by inserting after subsection (c) the following new 
        subsection:
    ``(d) Technological Tools To Block Access.--An Internet access 
provider shall, at the time of entering an agreement with a customer 
for the provision of Internet access services, or at any subsequent 
time upon request, offer such customer screening software that is 
designed to permit the customer to limit access to material that is 
inappropriate for children. Such software shall be provided either at 
no charge or for a fee that does not exceed the cost of such software 
to such provider.''; and
            (3) by adding at the end of subsection (f) (as redesignated 
        by paragraph (1) of this subsection) the following new 
        paragraphs:
            ``(5) Internet access provider.--The term `Internet access 
        provider' means a person engaged in the business of providing a 
        computer and communications facility through which a customer 
        may obtain access to the Internet, but does not include a 
        common carrier to the extent that it provides only transmission 
        and routing services.
            ``(6) Internet access services.--The term `Internet access 
        services' means the provision of computer and communications 
        services through which a customer using a computer and a modem 
        or other communications device may obtain access to the 
        Internet, but does not include transmission and routing 
        services provided by a common carrier.''.
    (b) Conforming Amendment.--Section 223(h)(2) of the Communications 
Act of 1934 (47 U.S.C. 223(h)(2)) is amended by striking ``230(e)(2)'' 
and inserting ``230(f)(2)''.

SEC. 104. EXTENSION OF SCANNER EQUIPMENT MANUFACTURE PROHIBITIONS TO 
              DIGITAL MOBILE RADIO SERVICES.

    (a) Amendment.--Section 302(d) of the Communications Act of 1934 
(47 U.S.C. 302(d)) is amended--
            (1) in paragraph (1), by striking ``(1) Within 180 days 
        after the date of enactment of this subsection, the 
        Commission'' and inserting ``The Commission'';
            (2) in paragraph (1)(A), by striking ``the domestic 
        cellular radio telecommunications service'' and inserting ``a 
        commercial mobile service (as such term is defined in section 
        332(d))'';
            (3) in paragraph (1)(C), by striking ``digital cellular 
        transmissions'' and inserting ``digital commercial mobiles 
        service transmissions'';
            (4) by striking paragraph (2); and
            (5) by redesignating subparagraphs (A), (B), and (C) of 
        paragraph (1) as paragraphs (1), (2), and (3), respectively.
    (b) Effective Date of Prohibitions on Regulation Amendments.--The 
prohibitions contained in section 302(b) of the Communications Act of 
1934 shall apply with respect to the changes made by the Federal 
Communications Commission in its regulations to implement the 
amendments made by subsection (a) of this section beginning 1 year 
after the effective date of such changes.

             TITLE II--INTERNET INFRASTRUCTURE ADVANCEMENT

SEC. 201. ACCESS AND INTERCONNECTION FOR INFORMATION SERVICE PROVIDERS.

    (a) Interconnection Obligations of Incumbent Local Exchange 
Carriers.--Section 251(c) of the Communications Act of 1934 (47 U.S.C. 
251(c)) is amended--
            (1) in paragraph (2)--
                    (A) by inserting ``or any requesting information 
                service provider'' after ``requesting 
                telecommunications carrier''; and
                    (B) by inserting before the semicolon at the end of 
                subparagraph (A) the following: ``, or for the 
                transmission of information services'';
            (2) in paragraph (3)--
                    (A) by inserting after ``for the provision of a 
                telecommunications service'' the following: ``or to any 
                information service provider for the provision of 
                information services'';
                    (B) by inserting ``and requesting information 
                service providers'' after ``requesting carriers''; and
                    (C) by inserting before the period at the end the 
                following: ``or information service''; and
            (3) in paragraph (6), by inserting ``to any requesting 
        carrier or any requesting information service provider'' after 
        ``the duty to provide''.
    (b) Procedures for Adoption of Agreements.--Section 252 of the 
Communications Act of 1934 (47 U.S.C. 252) is amended by adding at the 
end the following new subsection:
    ``(k) Treatment of Information Service Providers as Requesting 
Carriers.--Any information service provider requesting interconnection 
or unbundled access pursuant to paragraph (2) or (3), respectively, or 
section 251(c) shall be treated as a requesting carrier for the 
purposes of negotiation, mediation, arbitration, and approval of 
agreements under this section.''.

SEC. 202. CONSIDERATION OF INFORMATION SERVICES IN COORDINATED NETWORK 
              PLANNING.

    (a) Amendment.--Section 256 of the Communications Act of 1934 (47 
U.S.C. 256) is amended--
            (1) in subsection (a)--
                    (A) by striking ``and'' at the end of paragraph 
                (1);
                    (B) by striking the period at the end of paragraph 
                (2) and inserting ``; and''; and
                    (C) by adding at the end the following new 
                paragraph:
            ``(3) to promote commerce by facilitating the development 
        and adoption of technologies and methods for the secure conduct 
        of commercial transactions by use of telecommunications 
        facilities, the Internet, or other interactive computer 
        systems.''; and
            (2) in subsection (b)--
                    (A) by striking ``and'' at the end of paragraph 
                (1);
                    (B) by striking the period at the end of paragraph 
                (2) and inserting ``; and''; and
                    (C) by adding at the end the following new 
                paragraph:
            ``(3) shall establish procedures for Commission oversight 
        to ensure that the needs of information service providers and 
        their customers, and users of the Internet and interactive 
        computer services (as such terms are defined in section 230), 
        are considered during the coordinated network planning under 
        paragraph (1), including consideration of measures that will 
        ensure--
                    ``(A) efficient and effective interconnection for 
                packet-switched data networks, including the Internet; 
                and
                    ``(B) efficient and effective access by such 
                networks by their users.''.
    (b) Deadline for Commission Implementation.--The Federal 
Communications Commission shall prescribe procedures for purposes of 
section 256(b)(3) of the Communications Act of 1934, as amended by 
subsection (a) of this section, within one year after the date of 
enactment of this Act.

SEC. 203. REMOVAL OF IMPEDIMENTS TO DEPLOYMENT OF IMPROVEMENTS IN 
              NETWORK AND DATA SECURITY.

    (a) NTIA Study of Network and Data Security Issues.--Part C of the 
National Telecommunications and Information Administration Organization 
Act is amended by inserting after section 155 the following new 
section:

``SEC. 156. STUDY OF NETWORK AND DATA SECURITY ISSUES.

    ``(a) Study Required.--The NTIA shall conduct an examination of the 
extent to which network reliability and data security issues impair the 
conduct of transactions in interstate commerce through the medium of 
the telecommunications networks, the Internet, or other interactive 
computer systems.
    ``(b) Identification of Generally Available Technologies for the 
Improvement of Data Security.--In conducting the examination required 
by subsection (a), the NTIA shall identify generally available 
technologies for the improvement of data security for the conduct of 
the transactions described in such subsection.
    ``(c) Report on Examination.--Within one year after the date of 
enactment of this section, the NTIA shall submit to the Congress and 
the President a report on the examination required by this section. 
Annually thereafter, the NTIA shall submit to the Congress and the 
President an update on such report. Such report and each such update 
shall include--
            ``(1) a description of any generally available technologies 
        for the improvement of data security; and
            ``(2) any privacy or data security limitations identified 
        with respect to any such generally available technologies that 
        serve to limit or prevent the effective and efficient conduct 
        of transactions in interstate commerce, except that the report 
        or update may restrict to a confidential appendix any 
        discussion of such limitations which would itself present or 
        create a privacy or data security limitation.
    ``(d) Preemption of Domestic Restrictions on Encryption and Other 
Data Security Technologies.--No officer of the Federal or any State 
government shall--
            ``(1) restrict or regulate the sale in interstate commerce 
        of any encryption or other product for the improvement of data 
        security, regardless of encryption method chosen, length of 
        encryption key, or implementation technique or medium used;
            ``(2) condition the issuance of certificates of 
        authentication or certificates of authority upon any escrowing 
        or other sharing of private encryption keys, whether with 
        private agents or government entities; or
            ``(3) establish a licensing, labeling, or other regulatory 
        scheme that requires key escrow as a condition of licensing or 
        regulatory approval.
    ``(e) Definitions.--For purposes of this section:
            ``(1) The term `generally available technology for the 
        improvement of data security' means any computer hardware, 
        encryption formula, code, or algorithm (without regard to key 
        length, implementation technique, or medium), or other device 
        or technique used to protect data from unauthorized penetration 
        or disclosure that is generally available.
            ``(2) The term `generally available' means, in the case of 
        computer software (including software with encryption 
        capabilities), computer software that--
                    ``(A) is distributed via the Internet or that is 
                widely offered for sale, license, or transfer (without 
                regard to whether it is offered for consideration), 
                including over-the-counter retail sales, mail order 
                transactions, telephone order transactions, electronic 
                distribution, or sale on approval; or
                    ``(B) is preloaded on computer hardware that is 
                widely available.
            ``(3) The terms `Internet' and `interactive computer 
        systems' have the meanings provided by section 230(e) of the 
        Communications Act of 1934 (47 U.S.C. 230(e)).''.
    (b) Transfer of Authority.--Section 105(b) of the National 
Telecommunications and Information Administration Organization Act (47 
U.S.C. 902(b)) is amended by adding at the end the following new 
paragraph:
            ``(4) Licensing of communications transaction 
        technologies.--There are transferred to the NTIA the functions 
        of the Secretary under Public Law 96-72, as amended, with 
        respect to generally available technologies for the improvement 
        of data security, as identified pursuant to section 156 of this 
        Act.''.
                                 <all>