Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 115th Congress · S. 2187 (Introduced in Senate) — To establish a regulatory framework for the comprehensive protection of personal data for individuals under the aegis... · Sec. 122

Sec. 122. Individual participation

570 words·~3 min read·/bill/115/s/2187/is/section-122

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Not later than 180 days after the date of enactment of this Act, the Commission shall initiate a rulemaking proceeding to require each covered entity— to offer individuals a clear and conspicuous mechanism for opt-in consent for any use of their covered information that would otherwise be unauthorized use; to offer individuals a robust, clear, and conspicuous mechanism for opt-in consent for the use by third parties of the individuals' covered information for behavioral advertising or marketing; to provide any individual to whom the personally identifiable information that is covered information pertains, and which the covered entity or its service provider stores, appropriate and reasonable— access to such information; and mechanisms to correct such information to improve the accuracy of such information; and in the case that a covered entity enters bankruptcy or an individual requests the termination of a service provided by the covered entity to the individual or termination of some other relationship with the covered entity, to permit the individual to easily request that— all of the personally identifiable information that is covered information that the covered entity maintains relating to the individual, except for information the individual authorized the sharing of or which the individual shared with the covered entity in a forum that is widely and publicly available, be rendered not personally identifiable; or if rendering such information not personally identifiable is not possible, to cease the unauthorized use or transfer to a third party for an unauthorized use of such information or to cease use of such information for marketing, unless such unauthorized use or transfer is otherwise required by a provision of law.
In the rulemaking required by subsection (a), the Commission shall provide that with respect to transfers of covered information to a third party for which an individual provides opt-in consent, the third party to which the information is transferred may not use such information for any unauthorized use other than a use— specified pursuant to the purposes stated in the required notice under section 121(a); and authorized by the individual when the individual granted consent for the transfer of the information to the third party.
In the rulemaking required by subsection (a), the Commission shall allow a covered entity to provide individuals an alternative means, in lieu of the access, consent, and correction requirements, of prohibiting a covered entity from use or transfer of that individual's covered information. The use of a service provider by a covered entity to receive covered information in performing services or functions on behalf of and under the instruction of the covered entity does not constitute an unauthorized use of such information by the covered entity if the covered entity and the service provider execute a contract that requires the service provider to collect, use, and store the information on behalf of the covered entity in a manner consistent with— the requirements of this title; and the policies and practices related to such information of the covered entity.
The disclosure by a service provider of covered information pursuant to a contract with a covered entity to another service provider in order to perform the same service or functions for that covered entity does not constitute an unauthorized use. A covered entity remains responsible and liable for the protection of covered information that has been transferred to a service provider for processing, notwithstanding any agreement to the contrary between a covered entity and the service provider.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.