Bill Text: IL SB2082 | 2021-2022 | 102nd General Assembly | Introduced


Bill Title: Creates the Keep Internet Devices Safe Act. Includes a statement of legislative intent and defines terms. Provides that a private entity may turn on or enable, cause to be turned on or enabled, or otherwise use a digital device's microphone to listen for or collect information, including spoken words or other audible or inaudible sounds, if the private entity makes specified disclosures in its customer agreement or other incorporated addendum. Provides that a private entity that collects, stores, or transmits any information collected through a digital device's microphone concerning an Illinois resident shall implement and maintain reasonable security measures to protect that information from unauthorized access, acquisition, destruction, use, modification, and disclosure. Adds provisions governing waiver, applicability, and exceptions. Provides that a violation of the Keep Internet Devices Safe Act constitutes an unlawful practice under the Consumer Fraud and Deceptive Business Practices Act.

Spectrum: Partisan Bill (Democrat 1-0)

Status: (Introduced - Dead) 2021-02-26 - Referred to Assignments [SB2082 Detail]

Download: Illinois-2021-SB2082-Introduced.html


102ND GENERAL ASSEMBLY
State of Illinois
2021 and 2022
SB2082

Introduced 2/26/2021, by Sen. Cristina Castro

SYNOPSIS AS INTRODUCED:
New Act

Creates the Keep Internet Devices Safe Act. Includes a statement of legislative intent and defines terms. Provides that a private entity may turn on or enable, cause to be turned on or enabled, or otherwise use a digital device's microphone to listen for or collect information, including spoken words or other audible or inaudible sounds, if the private entity makes specified disclosures in its customer agreement or other incorporated addendum. Provides that a private entity that collects, stores, or transmits any information collected through a digital device's microphone concerning an Illinois resident shall implement and maintain reasonable security measures to protect that information from unauthorized access, acquisition, destruction, use, modification, and disclosure. Adds provisions governing waiver, applicability, and exceptions. Provides that a violation of the Keep Internet Devices Safe Act constitutes an unlawful practice under the Consumer Fraud and Deceptive Business Practices Act.
LRB102 12551 JLS 17889 b

A BILL FOR

SB2082LRB102 12551 JLS 17889 b
1 AN ACT concerning business.
2 Be it enacted by the People of the State of Illinois,
3represented in the General Assembly:
4 Section 1. Short title. This Act may be cited as the Keep
5Internet Devices Safe Act.
6 Section 5. Findings; intent. The General Assembly finds
7the following:
8 (1) An increasing number of everyday household
9 devices, such as smartphones, televisions, cars, toys, and
10 home appliances, are being enhanced by speech recognition
11 and other technologies that use microphones to listen for
12 environmental triggers. As a result, private companies are
13 gaining unprecedented and near constant access to Illinois
14 citizens and their families' private lives, including what
15 they do in their homes and their daily habits.
16 (2) While there are tremendous benefits from these
17 technologies, the collection of personal information from
18 Internet-connected devices pose serious privacy and
19 physical safety risks to Illinois citizens and children.
20 Children's toys now have microphones that can record and
21 collect personal information from conversations within
22 earshot of the device.
23 (3) The increasing prevalence of these technologies in

SB2082- 2 -LRB102 12551 JLS 17889 b
1 everyday devices enables companies to collect, store,
2 analyze, and share increasing amounts of personal data,
3 often without Illinois families ever knowing. Illinois
4 citizens have a right to their personal data, and the
5 public welfare, security, and safety will be served by
6 requiring companies to be transparent about their data
7 collection and sharing practices.
8 (4) It is the public policy of the State of Illinois to
9 ensure that Illinois citizens be aware of and have control
10 over whether a private entity records, collects, stores,
11 or discloses their personal information and to ensure that
12 their personal information is maintained in a secure
13 manner.
14 Section 10. Definitions. In this Act:
15 "Digital device" means a smartphone, tablet, television,
16computer, car, toy, home appliance, or any other device that
17may be used for personal, family, or household purposes that
18contains a microphone.
19 "Microphone" means an instrument capable of listening for,
20collecting, recording, analyzing, transmitting, interpreting,
21or otherwise using spoken words or other audible or inaudible
22sounds.
23 "Private entity" means any partnership, corporation,
24limited liability company, association, organization or other
25group, regardless of organizational structure, or any agent

SB2082- 3 -LRB102 12551 JLS 17889 b
1thereof. "Private entity" does not include a State or local
2governmental agency.
3 "Person" means a resident of this State who purchases or
4leases a digital device for personal or household use.
5 Section 15. Collection, use, storage, or disclosure of
6information from a digital device's microphone.
7 (a) No private entity may turn on or enable, cause to be
8turned on or enabled, or otherwise use a digital device's
9microphone to listen for or collect information, including
10spoken words or other audible or inaudible sounds, unless the
11private entity, in its customer agreement or other
12incorporated addendum, states the following:
13 (1) that the digital device's microphone may be turned
14 on, enabled, or used;
15 (2) the commands or actions that may turn on or enable
16 the microphone;
17 (3) whether the microphone is listening for an audible
18 or inaudible sound, or both; and
19 (4) the general purpose for which the information may
20 be collected, used, stored, or disclosed.
21 (b) A manufacturer of a digital device that does not turn
22on or enable, cause to be turned on or enabled, or otherwise
23use a digital device's microphone to listen for or collect
24information is not subject to this Section.

SB2082- 4 -LRB102 12551 JLS 17889 b
1 Section 20. Security measures. A private entity that
2collects, stores, or transmits any information collected
3through a digital device's microphone concerning an Illinois
4resident shall implement and maintain reasonable security
5measures to protect that information from unauthorized access,
6acquisition, destruction, use, modification, and disclosure.
7 Section 25. Violation. A violation of this Act constitutes
8an unlawful practice under the Consumer Fraud and Deceptive
9Business Practices Act.
10 Section 30. General provisions.
11 (a) Any waiver of the provisions of this Act is void and
12unenforceable.
13 (b) Any agreement created or modified after the effective
14date of this Act that does not comply with this Act is void and
15unenforceable.
feedback