Ceci est une version HTML d'une pièce jointe de la demande d'accès à l'information 'Silicon Valley Mission Report and BOLO list debates'.

USA Federal
Law: There is no general data privacy law in place but rather a multitude of federal and state
privacy laws. Some of these privacy laws are focused on particular industries, whereas others
may concern particular activities or particular data subjects. These privacy laws include, but
are not limited to:
1. Health Insurance Portability and Accountability Act of 1996 ('HIPAA')
2. Health Information Technology for Economic and Clinical Health Act of 2009
('HITECH')
3. Gramm-Leach-Bliley Act of 1999 ('GLBA')
4. Electronic Communications Privacy Act of 1986 ('ECPA')
5. Fair Credit Reporting Act of 1970 ('FCRA')
6. Children's Online Privacy Protection Act of 1998 ('COPPA')
Draft Law: There have been numerous proposals over the years for a general data privacy
law, but none have been passed by the U.S. Congress thus far.
Regulator: There is no official federal data privacy authority. However, various federal
agencies ensure organisations' compliance with the respective federal privacy laws.
USA State
Law: There are no general data privacy laws at the state level, with the exception of
California. California passed, on 28 June 2018, the California Consumer Privacy Act of 2018
(AB 375), which will come into effect on 1 January 2020. In addition, all U.S. states have
enacted data breach notification laws. Finally, Washington, Texas and Illinois have enacted
laws regulating biometric information.
Draft Law: There are a number of proposals and draft bills that are under consideration
across the states, and which address a multitude of general and sector-specific data protection
issues.
Regulator: There are no official state data protection authorities. However, the state
Attorneys General are responsible for consumer protection, including the enforcement of
state and federal data protection laws.