Bill aims to address data privacy

By: - January 18, 2019 10:18 am

Websites like Facebook are facing almost weekly controversies over their use of user data, and now the Arizona Legislature is looking at a possible remedy. But it seems unlikely that the bill would affect any of the large online data-collectors.

House Bill 2259 proposed by Rep. Bob Thorpe, R-Flagstaff, would make any website based in Arizona with a user base of over 500 users create a “personal information portal.”

“The idea is that you can see personal information for yourself and if there is something in error captured on you, you can correct it,” Thorpe told the Mirror.

The bill states that the portal must be a secure online website that would allow the users to access “collected personal information” as well as correcting any errors.

Thorpe said he has spoken with “tech lobbyists” from both national and local businesses to get their thoughts on the legislation and is anticipating working with them while the bill moves through the legislative process.

The legislation does not directly specify how this mandate would be enforced or include any penalties for websites that fail to comply, but Thorpe said he’d leave that to the attorney general.

“We weren’t consulted on this bill,” said Ryan Anderson, a spokesman for the Attorney General Mark Brnovich. Anderson added that Brnovich “will be interested to learn more about what the sponsor’s intentions are.”

Thorpe admitted that the attorney general would not be able to go after a company in another state even if it has a large user base in Arizona, meaning Facebook likely would not be targeted, and the scope would be limited to the state.

However, Thorpe said one of his main goals is to start a dialogue on the issue, and he hopes other states will follow suit with similar legislation.

Thorpe seems to be in good company in the tech world, as Apple’s CEO Tim Cook recently penned an op-ed calling for federal legislation to rein in data collection.

One of the remedies Cook suggested was giving people the ability to track and delete their personal data.

The day after Cook posted his op-ed, one of the largest data breaches in history was discovered by researchers.

“In total, there are 1,160,253,228 unique combinations of email addresses and passwords,” security researcher Troy Hunt wrote on his website about the breach he has dubbed “Collection #1.”

In addition there are also “21,222,975 unique passwords” within the data breach which Hunt found had been posted on a popular hacker forum in December.

“I’m very concerned every time I’m hearing reports of people’s data being abused or hackers being able to access people’s personal information,” Thorpe said.

Thorpe said he is looking forward to talking with tech companies about this issue.

The bill has not yet been assigned to a committee.

Our stories may be republished online or in print under Creative Commons license CC BY-NC-ND 4.0. We ask that you edit only for style or to shorten, provide proper attribution and link to our web site. Please see our republishing guidelines for use of photos and graphics.

Jerod MacDonald-Evoy
Jerod MacDonald-Evoy

Reporter Jerod MacDonald-Evoy joined the Arizona Mirror from the Arizona Republic, where he spent 4 years covering everything from dark money in politics to Catholic priest sexual abuse scandals. He brings strong watchdog sensibilities and creative storytelling skills to the Arizona Mirror.