If this bill becomes law, companies would have to explain why they want to collect, use and store your personal data.
The bill would forbid companies from collecting data that isn’t necessary to deliver or improve a service, or to make a transaction. If data is transferred to a third party, that party would have to sign a contract agreeing to the terms of the bill.
Last year, the Federal Trade Commission called for a “Do Not Track” list that would prevent Internet companies from following users around the Web, and all browsers would be required to offer this feature. The bill from Kerry and McCain ignores the FTC’s advice, leaving the issue of “Do Not Track” in the hands of individual Web browsers, all of which tackle the problem differently. If you discover that a company was covertly gathering your personal information and sending it to who-knows-where, you wouldn’t be allowed to take the case to court. The FTC and state attorneys general would be the only entities that could take action against a company for privacy violations.
Consumer groups that take a hard line on user privacy don’t think the Kerry-McCain bill goes far enough. … And they don’t like how the Commerce Department, which primarily promotes the interests of businesses, can make exceptions for businesses that come up with alternative privacy plans. … The consumer groups also claim that Facebook and other “social media marketers” get special treatment because they can continue to gather data without sufficient safeguards.
http://www.csoonline.com/article/679529/kerry-mccain-privacy-bill-what-you-need-to-know?source=CSONLE_nlt_update_2011-04-14