Sen. Rick Scott Introduces DATA Act to Shield Americans’ Personal Information from Big Tech Companies

May 4, 2021

WASHINGTON, D.C. – Today, Senator Rick Scott introduced the Data and Algorithm Transparency Agreement (DATA) Act to increase transparency by requiring big tech platforms, like Facebook, Snapchat and Twitter, to receive express consent to use Americans’ personal information. The DATA Act also provides Americans with legal recourse against these companies if they believe their right to privacy has been violated.


Currently, tech companies capitalize on algorithms to manipulate users, pushing them toward content the algorithm believes they would like or be interested in. These companies are also gathering massive amounts of personal data – and users have little to no control over how their data is used.  


Senator Rick Scott said, “The way big tech companies gather, manipulate and sell Americans’ personal data, all without consequence, is alarming. These are the same companies that censor free speech, and pick and choose which viewpoints are allowed on their platform. We have to hold these companies accountable and protect the rights of Americans. That’s why I’m introducing the DATA Act to require greater transparency in how big tech collects and uses our personal information, and to provide a recourse for Americans if their privacy is violated. The DATA Act finally gives Americans a say in what happens with their personal information.”


The Data and Algorithm Transparency Agreement (DATA) Act:

  • Requires any internet platform, with an active monthly user base of 30 million or more U.S. users, that uses algorithms to increase or decrease the availability of content on its platform to:
    • Obtain user consent to collect data of the user’s preferences, habits, etc.;
    • Allow users to revoke or withdraw prior consent to data collection, and to request any user data previously collected be deleted or removed;
    • Obtain user consent to sell, share, or convey user data to a third-party entity;
    • Allow users to revoke or withdraw prior consent to sell, share, or convey the user’s data to a third-party entity;
    • Provide a plain language notice to users of the above requirements (in addition to any terms of service notifications), which will appear each login, unless affirmatively waived by the user.
  • Private right of action: If a platform provider violates any of these conditions, any individual user may file a federal lawsuit, and is entitled to minimum monetary damages of $5,000 per violation, plus any actual damages and attorney’s fees.