There is one summary for this bill. Bill summaries are authored by CRS.

Shown Here:
Introduced in House (04/03/2003)

Consumer Privacy Protection Act of 2003 - Requires data collection organizations, under specified conditions, to notify consumers: (1) at the time of collection that their personally identifiable information may be used for an unrelated transaction purpose; and (2) of any material change in the organization's privacy policy statement immediately after each change.

Requires such organizations to establish a privacy policy with respect to the collection, sale, disclosure for consideration, or use of the consumer's information.

Requires an organization to provide consumers, without charge, the opportunity to preclude the sale or disclosure of their information to any organization that is not an information-sharing partner. Prescribes requirements for opportunities an organization may give consumers to limit other information practices of the organization.

Directs an organization to prepare and implement an information security policy that prevents the unauthorized disclosure or release of a consumer's information.

Requires the Federal Trade Commission (FTC) to presume that an organization is in compliance with this Act if it participates in an approved five-year self-regulatory program. Prescribes requirements for a self-regulatory consumer dispute resolution process.

Directs the FTC to: (1) facilitate electronic and promote the use of common identity theft affidavits; (2) require the timely resolution of identity theft disputes; (3) utilize the Identity Theft Clearinghouse to transmit information to appropriate entities for protective action and to mitigate losses; and (4) provide change of address protection for consumers.

Requires: (1) the Comptroller General to analyze the impact on U.S. interstate and foreign commerce of information privacy laws, regulations, or agreements enacted, promulgated, or adopted by other nations, and whether the enforcement mechanisms or procedures of them result in discriminatory treatment of U.S. entities; and (2) the Secretary of Commerce, based on such results, to take steps to mitigate against such discriminatory impact.

Directs the Secretary to seek harmonization of this Act with other international privacy laws, regulations, and agreements for the advancement of transnational and electronic commerce.