Sec. 207. Civil rights and algorithms
1,163 words·~5 min read·
/bill/117/hr/8152/rh/section-207·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
A covered entity or a service provider may not collect, process, or transfer covered data in a manner that discriminates in or otherwise makes unavailable the equal enjoyment of goods or services on the basis of race, color, religion, national origin, sex, or disability. This subsection shall not apply to— the collection, processing, or transfer of covered data for the purpose of— a covered entity’s or a service provider’s self-testing to prevent or mitigate unlawful discrimination; or diversifying an applicant, participant, or customer pool; or any private club or group not open to the public, as described in section 201(e) of the Civil Rights Act of 1964 ( 42 U.S.C. 2000a(e) ).
Whenever the Commission obtains information that a covered entity or service provider may have collected, processed, or transferred covered data in violation of subsection (a), the Commission shall transmit such information as allowable under Federal law to any Executive agency with authority to initiate enforcement actions or proceedings relating to such violation. Not later than 3 years after the date of enactment of this Act, and annually thereafter, the Commission shall submit to Congress a report that includes a summary of— the types of information the Commission transmitted to Executive agencies under paragraph
(1)during the previous 1-year period; and how such information relates to Federal civil rights laws. In transmitting information under paragraph (1), the Commission may consult and coordinate with, and provide technical and investigative assistance, as appropriate, to such Executive agency. The Commission may implement this subsection by executing agreements or memoranda of understanding with the appropriate Executive agencies. Notwithstanding any other provision of law, not later than 2 years after the date of enactment of this Act, and annually thereafter, a large data holder that uses a covered algorithm in a manner that poses a consequential risk of harm to an individual or group of individuals, and uses such covered algorithm solely or in part, to collect, process, or transfer covered data shall conduct an impact assessment of such algorithm in accordance with subparagraph (B). The impact assessment required under subparagraph
(A)shall provide the following: A detailed description of the design process and methodologies of the covered algorithm. A statement of the purpose and proposed uses of the covered algorithm. A detailed description of the data used by the covered algorithm, including the specific categories of data that will be processed as input and any data used to train the model that the covered algorithm relies on, if applicable. A description of the outputs produced by the covered algorithm. An assessment of the necessity and proportionality of the covered algorithm in relation to its stated purpose. A detailed description of steps the large data holder has taken or will take to mitigate potential harms from the covered algorithm to an individual or group of individuals, including related to— covered minors; making or facilitating advertising for, or determining access to, or restrictions on the use of housing, education, employment, healthcare, insurance, or credit opportunities; determining access to, or restrictions on the use of, any place of public accommodation, particularly as such harms relate to the protected characteristics of individuals, including race, color, religion, national origin, sex, or disability; disparate impact on the basis of individuals’ race, color, religion, national origin, sex, or disability status; or disparate impact on the basis of individuals’ political party registration status. Notwithstanding any other provision of law, not later than 2 years after the date of enactment of this Act, a covered entity or service provider that knowingly develops a covered algorithm that is designed to, solely or in part, to collect, process, or transfer covered data in furtherance of a consequential decision shall prior to deploying the covered algorithm in interstate commerce evaluate the design, structure, and inputs of the covered algorithm, including any training data used to develop the covered algorithm, to reduce the risk of the potential harms identified under paragraph (1)(B). In complying with paragraphs
(1)and (2), a covered entity and a service provider may focus the impact assessment or evaluation on any covered algorithm, or portions of a covered algorithm, that will be put to use and may reasonably contribute to the risk of the potential harms identified under paragraph (1)(B). A covered entity and a service provider— shall, not later than 30 days after completing an impact assessment or evaluation, submit the impact assessment or evaluation conducted under paragraph
(1)or
(2)to the Commission; shall, upon request, make such impact assessment and evaluation available to Congress; and may make a summary of such impact assessment and evaluation publicly available in a place that is easily accessible to individuals. Covered entities and service providers may redact and segregate any trade secret (as defined in section 1839 of title 18, United States Code) or other confidential or proprietary information from public disclosure under this subparagraph and the Commission shall abide by its obligations under section 6(f) of the Federal Trade Commission Act ( 15 U.S.C. 46(f) ) in regard to such information. The Commission may not use any information obtained solely and exclusively through a covered entity or a service provider’s disclosure of information to the Commission in compliance with this section for any purpose other than enforcing this Act with the exception of enforcing consent orders, including the study and report provisions in paragraph (6). This subparagraph does not preclude the Commission from providing this information to Congress in response to a subpoena. Not later than 2 years after the date of enactment of this Act, the Commission shall, in consultation with the Secretary of Commerce, or their respective designees, publish guidance regarding compliance with this section. The Commission shall have authority under section 553 of title 5, United States Code, to promulgate regulations as necessary to establish processes by which a large data holder— shall submit an impact assessment to the Commission under paragraph (3)(B)(i)(I); and may exclude from this subsection any covered algorithm that presents low or minimal consequential risk of harm to an individual or group of individuals. The Commission, in consultation with the Secretary of Commerce or the Secretary’s designee, shall conduct a study, to review any impact assessment or evaluation submitted under this subsection. Such study shall include an examination of— best practices for the assessment and evaluation of covered algorithms; and methods to reduce the risk of harm to individuals that may be related to the use of covered algorithms. Not later than 3 years after the date of enactment of this Act, the Commission, in consultation with the Secretary of Commerce or the Secretary’s designee, shall submit to Congress a report containing the results of the study conducted under subparagraph (A), together with recommendations for such legislation and administrative action as the Commission determines appropriate. Not later than 3 years after submission of the initial report under clause (i), and as the Commission determines necessary thereafter, the Commission shall submit to Congress an updated version of such report.
Connectionstraces to 2
Citation graph
cites case law
Cites 2Cited by 0 across 0 sources