Washington – The Computer & Communications Industry Association has filed comments expressing its concerns with proposed administrative rules implementing the Florida Digital Bill of Rights enacted by the state Legislature last year. The Department of Legal Affairs’ (Attorney General’s Office) open comment period is scheduled to close Friday. CCIA recommends several revisions to the current language of the proposed rules, citing constitutional and compliance concerns.
Data security is a persistent challenge for businesses amid evolving threats in the digital landscape. Subsection (2)(b) of the Digital Bill of Rights requires strict adherence to standards from the National Institute of Standards and Technology or the U.S. Department of Commerce. However, because threats vary, CCIA proposes amending the language to ensure that data security requirements are risk-based and not tied to any specific framework to allow businesses the necessary flexibility to address evolving threats effectively.
Further, current enforcement provisions of the Digital Bill of Rights lack clear guidance for businesses, especially regarding online age verification requirements. It is unclear whether consent should be obtained from teens or from their parents. Additionally, the proposed state regulations for minors younger than 13 may clash with federal law like the Children’s Online Privacy Protection Act due to excessive information gathering. CCIA suggests amending the proposed rules to exempt businesses from having to obtain parental consent for individuals older than 13 and refining parental consent requirements for users younger than 13 in order to prevent conflicts with COPPA.
The following can be attributed to CCIA State Policy Director Khara Boender:
“While we strongly believe in providing children with enhanced security and privacy in their online interactions, we respectfully request modifications to the draft implementing rules for the Digital Bill of Rights to address concerns regarding data security and parental consent requirements. We urge the Department to consider amendments to better protect online privacy and security by minimizing the data collection companies would be required to obtain from internet users of all ages to show compliance.”
