By Carrie Gaines
Most of us use a computer or smart phone daily – but are we aware of the data that is being collected whether or not we are intending to share it?
As they say, tech is smart. Many tech devices, such as Amazon’s Alexa, are constantly collecting data from its users. From internet searches to casual conversations, data is being collected, processed, and sold to third parties every single day.
How can this be?
Isn’t that illegal?
Generally, in Nebraska, the answer is no. There are currently no state laws enacted to protect personal information outside of healthcare, financial records, insurance information, education records and a few other categories.
Given the current state of the law, the question quickly becomes: How can I protect my personal information online and with tech devices such as Alexa?
The answer is a bit complicated and depends on the technology.
Take Alexa for example. According to Amazon, you can go to the Alexa Privacy settings page, and select Manage Skill Permissions and choose the type of data to which you want to manage access. This is time consuming and those without a certain level of education or technological sophistication would struggle to achieve this.
Smart phones operate in a very similar way and those unfamiliar with the intricate details of its settings will struggle to create adequate privacy settings.
What about computers? It is generally recommended that you install privacy protection software created to prevent the collection of personal information by each website you might visit. Without such software, each website you visit will collect data from your computer including your name, date of birth, location and more.
Again, all of this is legal in Nebraska and most other states. Only a few states have enacted comprehensive data privacy legislation created to protect its citizen’s personal data online and otherwise. The California Privacy Rights Act (CPRA), which will take effect on January 1, 2023, will permit consumers to:
- Prevent businesses from sharing personal information
- Require correction of inaccurate personal information; and
- Limit businesses use of “sensitive personal information” including precise geolocation, race, ethnicity, religion, genetic data, private communications, sexual orientation, and specified health information.
This law also establishes the California Privacy Protection Agency to enforce and implement consumer privacy laws and impose fines.
Furthermore, the new law prohibits businesses’ retention of personal information for longer than reasonably necessary. The law also triples the maximum penalties for violations concerning consumers under the age of 16. And, it authorizes civil penalties for theft of consumer login information. This creates a civil action for certain events of identity theft.
Other states that have enacted data privacy laws that provide some level of protection are Connecticut, Hawaii, Indiana, Illinois, Louisiana, Maine, Maryland,
Massachusetts, Michigan, Mississippi, Nevada, New Hampshire, New York and Virginia.
In 2020, Nebraska, State Sen. Carol Blood introduced the Consumer Data Privacy Act (LB746) which, if passed, would place limitations on the collection and sale of a Nebraska resident’s personal information and provide consumers certain individual rights with respect to their personal information. A hearing was held on February 4, 2020, but since then, there has been no additional movement on the bill.
If you have questions about privacy laws and would like to speak with a qualified attorney, contact Carrie at [email protected]
or by phone at
402.392.1250.