Sec. 105. Right to controls
/bill/116/s/2968/is/section-105·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
A covered entity, upon the verified request of an individual, shall export the individual’s covered data, except for derived data, without licensing restrictions—
  in a human-readable format that allows the individual to understand such covered data of the individual; and
  in a structured, interoperable, and machine-readable format that includes all covered data or other information that the covered entity collected to the extent feasible.

A covered entity—
  shall not transfer an individual’s covered data to a third party if the individual objects to the transfer; and
  shall allow an individual to object to the covered entity transferring covered data of the individual to a third party through a process established under the rule issued by the Commission pursuant to paragraph (2).
Not later than 18 months after the date of enactment of this Act, the Commission shall issue a rule under section 553 of title 5, United States Code, establishing one or more acceptable processes for covered entities to follow in allowing individuals to opt out of transfers of covered data.

The processes established by the Commission pursuant to this subparagraph shall—
  be centralized, to the extent feasible, to minimize the number of opt-out designations of a similar type that a consumer must make;
  include clear and conspicuous opt-out notices and consumer friendly mechanisms to allow an individual to opt out of transfers of covered data;
  allow an individual that objects to a transfer of covered data to view the status of such objection;
  allow an individual that objects to a transfer of covered data to change the status of such objection;
  be privacy protective; and
  be informed by the Commission’s experience developing and implementing the National Do Not Call Registry.
A covered entity—
  shall not process the sensitive covered data of an individual without the individual’s prior, affirmative express consent;
  shall not transfer the sensitive covered data of an individual without the individual’s prior, affirmative express consent;
  shall provide an individual with a consumer-friendly means to withdraw affirmative express consent to process the sensitive covered data of the individual; and
  is not required to obtain prior, affirmative express consent to process or transfer publicly available information.