arrow_back Back to App

Data Care Act: New Duties for Online Services to Protect User Privacy

This bill establishes three core duties—care, loyalty, and confidentiality—for online service providers regarding user data. It mandates that companies must reasonably secure your personal data, cannot use it to benefit themselves to your detriment, and must ensure third parties adhere to the same strict privacy standards. This legislation aims to give citizens greater control and protection over their sensitive information collected online.
Key points
Duty of Care: Online service providers must reasonably secure individual identifying data from unauthorized access.
Duty of Loyalty: Companies cannot use your data in a way that benefits them while causing you foreseeable material physical or financial harm, or in a way that is highly offensive to a reasonable user.
Duty of Confidentiality: Sharing or selling your data to third parties is restricted unless those parties contractually agree to uphold the same duties of care and loyalty.
Breach Notification: If sensitive data (including Social Security numbers, financial details, or health information) is breached, the provider must promptly inform the affected end user.
Enforcement: The Federal Trade Commission (FTC) and State Attorneys General are authorized to enforce these rules, including imposing civil penalties based on the number of harmed end users.
article Official text account_balance Process page
Expired
Citizen Poll
No votes cast
Additional Information
Print number: 118_S_744
Sponsor: Sen. Schatz, Brian [D-HI]
Process start date: 2023-03-09
Lustra uses Artificial Intelligence. Verify details in source documents.
Summarized by: gemini-flash-latest
Source data: api.congress.gov
AI work logs for this document launch

OFFICIAL LEGAL TITLE

Data Care Act of 2023

FREQUENTLY ASKED QUESTIONS

What is the official ID of this bill?

The official print number for this legislation is 118_S_744.

Which chamber initiated this legislation?

This legislation was initiated in the Senate.

When did the legislative process begin?

The process officially started on 2023-03-09.

What are the main provisions?

Key points include:

  • Duty of Care: Online service providers must reasonably secure individual identifying data from unauthorized access.
  • Duty of Loyalty: Companies cannot use your data in a way that benefits them while causing you foreseeable material physical or financial harm, or in a way that is highly offensive to a reasonable user.
  • Duty of Confidentiality: Sharing or selling your data to third parties is restricted unless those parties contractually agree to uphold the same duties of care and loyalty.
  • Breach Notification: If sensitive data (including Social Security numbers, financial details, or health information) is breached, the provider must promptly inform the affected end user.
  • Enforcement: The Federal Trade Commission (FTC) and State Attorneys General are authorized to enforce these rules, including imposing civil penalties based on the number of harmed end users.
What is the specific legal status?

The current status is Expired.

Where can I read the full text of this legislation?

The full official text is available at: View full text

Who is the primary sponsor?

The primary sponsor is Sen. Schatz, Brian [D-HI].

What is the latest detailed status?

The latest detailed status is: Introduced in Senate

Is this summary verified?

Yes. This content was analyzed by AI and verified by the Lustra Judge System on 2025-12-27.

CATEGORIES

Informatization Courts and Law Economy