Bill Text: IL SB2082 | 2021-2022 | 102nd General Assembly | Introduced
Bill Title: Creates the Keep Internet Devices Safe Act. Includes a statement of legislative intent and defines terms. Provides that a private entity may turn on or enable, cause to be turned on or enabled, or otherwise use a digital device's microphone to listen for or collect information, including spoken words or other audible or inaudible sounds, if the private entity makes specified disclosures in its customer agreement or other incorporated addendum. Provides that a private entity that collects, stores, or transmits any information collected through a digital device's microphone concerning an Illinois resident shall implement and maintain reasonable security measures to protect that information from unauthorized access, acquisition, destruction, use, modification, and disclosure. Adds provisions governing waiver, applicability, and exceptions. Provides that a violation of the Keep Internet Devices Safe Act constitutes an unlawful practice under the Consumer Fraud and Deceptive Business Practices Act.
Spectrum: Partisan Bill (Democrat 1-0)
Status: (Introduced - Dead) 2021-02-26 - Referred to Assignments [SB2082 Detail]
Download: Illinois-2021-SB2082-Introduced.html
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| 1 | AN ACT concerning business.
| |||||||||||||||||||
| 2 | Be it enacted by the People of the State of Illinois,
| |||||||||||||||||||
| 3 | represented in the General Assembly:
| |||||||||||||||||||
| 4 | Section 1. Short title. This Act may be cited as the Keep
| |||||||||||||||||||
| 5 | Internet Devices Safe Act.
| |||||||||||||||||||
| 6 | Section 5. Findings; intent. The General
Assembly finds | |||||||||||||||||||
| 7 | the following:
| |||||||||||||||||||
| 8 | (1) An increasing number of everyday household | |||||||||||||||||||
| 9 | devices,
such as smartphones, televisions, cars, toys, and | |||||||||||||||||||
| 10 | home
appliances, are being enhanced by speech recognition | |||||||||||||||||||
| 11 | and other
technologies that use microphones to listen for | |||||||||||||||||||
| 12 | environmental
triggers. As a result, private companies are | |||||||||||||||||||
| 13 | gaining
unprecedented and near constant access to Illinois | |||||||||||||||||||
| 14 | citizens and
their families' private lives, including what | |||||||||||||||||||
| 15 | they do in their
homes and their daily habits. | |||||||||||||||||||
| 16 | (2) While there are tremendous benefits from these
| |||||||||||||||||||
| 17 | technologies, the collection of personal information from
| |||||||||||||||||||
| 18 | Internet-connected devices pose serious privacy and | |||||||||||||||||||
| 19 | physical
safety risks to Illinois citizens and children. | |||||||||||||||||||
| 20 | Children's toys
now have microphones that can record and | |||||||||||||||||||
| 21 | collect personal
information from conversations within | |||||||||||||||||||
| 22 | earshot of the device. | |||||||||||||||||||
| 23 | (3) The increasing prevalence of these technologies in
| |||||||||||||||||||
| |||||||
| |||||||
| 1 | everyday devices enables companies to collect, store, | ||||||
| 2 | analyze, and share increasing amounts of personal data, | ||||||
| 3 | often without
Illinois families ever knowing. Illinois | ||||||
| 4 | citizens have a right
to their personal data, and the | ||||||
| 5 | public welfare, security, and
safety will be served by | ||||||
| 6 | requiring companies to be transparent
about their data | ||||||
| 7 | collection and sharing practices. | ||||||
| 8 | (4) It is the public policy of the State of Illinois to
| ||||||
| 9 | ensure that Illinois citizens be aware of and have control | ||||||
| 10 | over
whether a private entity records, collects, stores, | ||||||
| 11 | or
discloses their personal information and to ensure that | ||||||
| 12 | their
personal information is maintained in a secure | ||||||
| 13 | manner.
| ||||||
| 14 | Section 10. Definitions. In this Act: | ||||||
| 15 | "Digital device" means a smartphone, tablet, television, | ||||||
| 16 | computer, car, toy, home appliance, or any other device that | ||||||
| 17 | may be used for personal, family, or household purposes that | ||||||
| 18 | contains a microphone. | ||||||
| 19 | "Microphone" means an instrument capable of listening for, | ||||||
| 20 | collecting, recording, analyzing, transmitting, interpreting, | ||||||
| 21 | or otherwise using spoken words or other audible or inaudible | ||||||
| 22 | sounds. | ||||||
| 23 | "Private entity" means any partnership, corporation, | ||||||
| 24 | limited liability company, association, organization or other | ||||||
| 25 | group, regardless of organizational structure, or any agent | ||||||
| |||||||
| |||||||
| 1 | thereof. "Private entity" does not include a State or local | ||||||
| 2 | governmental agency. | ||||||
| 3 | "Person" means a resident of this State who purchases or | ||||||
| 4 | leases a digital device for personal or household use.
| ||||||
| 5 | Section 15. Collection, use, storage, or disclosure of | ||||||
| 6 | information from a digital device's microphone. | ||||||
| 7 | (a) No private entity may turn on or enable, cause to be | ||||||
| 8 | turned on or enabled, or otherwise use a digital device's | ||||||
| 9 | microphone to listen for or collect information, including | ||||||
| 10 | spoken words or other audible or inaudible sounds, unless the | ||||||
| 11 | private entity, in its customer agreement or other | ||||||
| 12 | incorporated addendum, states the following: | ||||||
| 13 | (1) that the digital device's microphone may be turned | ||||||
| 14 | on, enabled, or used; | ||||||
| 15 | (2) the commands or actions that may turn on or enable | ||||||
| 16 | the microphone; | ||||||
| 17 | (3) whether the microphone is listening for an audible | ||||||
| 18 | or inaudible sound, or both; and | ||||||
| 19 | (4) the general purpose for which the information may | ||||||
| 20 | be collected, used, stored, or disclosed. | ||||||
| 21 | (b) A manufacturer of a digital device that does not turn | ||||||
| 22 | on or enable, cause to be turned on or enabled, or otherwise | ||||||
| 23 | use a digital device's microphone to listen for or collect | ||||||
| 24 | information is not subject to this Section.
| ||||||
| |||||||
| |||||||
| 1 | Section 20. Security measures. A private entity that | ||||||
| 2 | collects, stores, or transmits any information collected | ||||||
| 3 | through a digital device's microphone concerning an Illinois | ||||||
| 4 | resident shall implement and maintain reasonable security | ||||||
| 5 | measures to protect that information from unauthorized access, | ||||||
| 6 | acquisition, destruction, use, modification, and disclosure.
| ||||||
| 7 | Section 25. Violation. A violation of this Act constitutes | ||||||
| 8 | an unlawful practice under the Consumer Fraud and Deceptive | ||||||
| 9 | Business Practices Act.
| ||||||
| 10 | Section 30. General provisions. | ||||||
| 11 | (a) Any waiver of the provisions of this Act is void and | ||||||
| 12 | unenforceable. | ||||||
| 13 | (b) Any agreement created or modified after the effective | ||||||
| 14 | date of this Act that does not comply with this Act is void and | ||||||
| 15 | unenforceable.
| ||||||
