Staring at 10:30 am: the House Civil Rights & Judiciary hearing, incliuding #MyHealthMyData and the #ShieldLaw.

Live video stream:…

"A much more favorable environment", my #waleg privacy overview, has more about both these bills…
#MyHealthMyData (HB 1155), from @SlatterVandana and @Dhingrama, provides strong protections to consumer health data. It

- requires opt-in consent before companies collect, use, or share data
- prohibits sales of health data
- restricts geofencing around health facilities
The #ShieldLaw (HB 1469 / SB 5485), sponsored by @SenatorTrudeau @RepDrewHansen protects abortion providers, patients, and helpers in Washington by putting up barriers to out-of-state investigations from states that criminalize abortion or gender-affirming care
I'll be live-tweeting, starting at 10:30. Stay tuned!

Here's the video link again:…
There are over two dozen people signed up to testify on #MyHealthMyData (HB 1155).

PRO: @Legal_Voice @ProChoiceWA @GenderJusticeWA @wapeopleprivacy @waisn_org @LWVWA @ACLU_WA @jaclseattle @AGOWA @cherthedev @jdp23 (me!) and more
OTHER on #MyHealthMyData: @WTIA @Technet @futureofprivacy @WAHospitals @waretail and the State Privacy & Security Coalition

More about SP&SC's strategy of watering down state privacy laws from @ToddFeathers and @alfredwkng in @themarkup…
And we're off! Starting with a staff briefing on HB 1155, #MyHealthMyData. I've been consistently impressed with legislative staff's work on privacy bills over the years. Here's the bill analysis.…
#MyHealthMyData has a broad definition of consumer health data -- that's good! It even includes health data that's derived from non-health data.

Health data can only be collected or shared with prior consent by the consumer -- "opt in"! That's good too!
The bill also has rules about notice, security requirements, and restrictions on server providers.

Consumers have rights to confirm whether an entity is collecting or sharing health data, withdraw consent, and delete data.
Two important prohibitions:

- it's unlawful to sell health data

- it's unlawful to put a geofence around certain health care entities
Rep. @SlatterVandana, the bill's sponsor, notes that HIPAA protetions don't apply when you share health information on a web site, app, or searchers.

#MyHealthMyData addresses that. It's taken on increased urgency with the overturning of Roe v. Wade. #AbortionJustice
The bill protects all health data, but the SCOTUS decision highlighted gaps for reproductive health data and gender-affirming care.

Slatter notes some of harms. Period tracking apps. "Crisis pregnancy centers." Advertising.
Thanks people, including @AGOWA and his team, working together to mitigate as many as unintentional impacts as possible. Need to align with other states -- but not willing to compromise on protecting health data. "Data we expect to be private, but currently isn't".
Ranking Member Walsh notes that he was surprised by media focus on reproductive rights aspects, when it's a general health privacy bill. Why is that?
Slatter: health data protection's long overdue, taken on increased urgency because over half our population is concerned about how the data can be used to impact their rights. It's not incendiary, just the right thing to do!
Starting in-person testimony. Limiting testimony to 90 seconds.

Up first Nicole Kern of Planned Parenthood Alliance Advocates, PRO. Talks about patients concerned about. privacy -- and afraid to seek care.
Talks about SafeGraph selling location data of people who visited @PPFA abortion clinics. We want to stop that.…
Up next, @danniaskini of @GenderJusticeWA, PRO. Significant concerns about states attacking gender-affirming care. Maintains privacy and safety of people seeking gender-affirming care and their families.
Stan Shikuma of @jaclseattle, also a member of @ResistenciaNW, PRO. Talks about how government surveillance was used during WWII to oppress Japanese-Americans. "Today we face a threat to our right to obtain healthcare without fear of surveillance."
Shikuma: "Access to health care, data privacy, and freedom of fear should be a right."
Ashley Sutton of @TechNet_NW, concerned about what they see as overly-broad definitions.

Ha! Exactly as I predicted in…
Bob Battles of AWB makes a similar point about narrowing definition of data. Also wants an R&D exemption. Concerned about private right of action under CPA, asks that people have to prove all five elements (no per se clause), remove right to cure.
Kelly Fukai of @WTIA says there's been great progress on language, but need more to let consumers have more control. Asks for "precise" location in geofencing, narrow the definition of consumer health data. Hey wait a second I'm noticing a pattern here.
Andrew Kingman of SP&SC says it needs to be watered down to better protect consumers. As drafted, the definition of consumer health data is so broad that they'll get opt-in requests for books about health. [Which it should!]
SP&SC has definitional problems. Sale includes the term share, which is used differently. Collect includes any form of processing. Also, doesn't like the private right of action.
Question from Rep. Walen: does it apply to Apple Care and other state health agencies? No.

Ranking Member Walsh to industry lobbyists: is bill fixable? They say yes.
Up next, Andrea Alegrett from the AGO ... then me, so I'm going to take a break and prep my testimony!
Whew, I think it went okay.

Dr. Anuj Khattar of Cedar River Clinics, provides an abortion provider's perspective, and support the bill.
@waisn_org highlights immigrant perspectives -- undocumented immigrants are concerned their data will be shared with ICE.
Mark Johnson of @waretail talks about how they worked closely with former Sen. Carlyle on the Bad Washington Privacy Act -- which the legislature repeatedly rejected. Wants to work with sponsors to weaken #MyHealthMyData
Ryan Spiller of an automotive trade association notes that vehicles have sensors, including some that rely on facial detection (which is different than facial recognition). The bill requires consent for these features, which they think is a mistake.
@WAHospitals, like everybody else testifying OTHER, supports the goals but has concerns about the specific language. Concerns about overlap with other bills, lack of clarity on exemption data, has alternate language. Objects to having exemption language tied to CPA.
Alicia Hupprich of LD23. Talks about her decision to end a pregnancy. Husband in military, so no insurance options, had to go out of state. Looked online, anti-abortion groups used her data to harass her. #MyHealthMyData would protect people from harassment.
@jennifer_e_lee of @ACLU_WA strongly supports. Serious harms are heightened in post-Roe world. Data can be used to target and harass people seeking abortion and gender-affirming are. Protects data not covered by HIPAA: app data, geolocation data.
Lee talks about FTC settlement with a period tracking app -…
Yvette Maganya of @Legal_Voice focused on "crisis pregnancy clinics" (CPCs), fake clinics -- they're not medical clinics, so not covered by HIPAA. They provide misinformation and surveil pregnant people.…
@Slaterfe of @futureofprivacy is OTHER. Addresses important concerns. Two recommendations:

- tailoring definiton of health data to apply to uses. "could swamp consumers with opt-in notices".

- tailoring geofencing to allow traffic analysis
Darbi Gottlieb (I missed the affiliation) also expresses concern about overlap with existing protections and the R&D exceptions.
Brian Warren makes similar points. Biomedical research covered by federal common rule doesn't allow for data to be deleted. For blinded research, subjects can't be made aware of their information. Has suggested language, submitted in writing.
Brad Payne of Family Policy Institute of Washington respects privacy rights, asks that it apply equally to all medical facilities -- including Planned Parenthood as well as CPCs. Shouldn't be used by AG to primarily protect abortion facilities, which has been the rhetoric.
And that's it for public testimony on that bill. As is traditional in Washington, industry lobbyists askingn to weaken the bill got to speak; individuals testifying PRO didn't.

Still, great points by the bill's supporters -- and some concerns worth looking at
Now on to the #ShieldLaw, HB 1469. @RepHansen talks about the need for this bill to protect Washingtonians.

@LavenderRightsP talks about the importance of protecting bodily autonomy in general.
@RepHansen @LavenderRightsP Professor David Cohen talks about overall trends to criminialization, notes that several other states have passed similar legislation
@RepHansen @LavenderRightsP Ranking Member Walsh asks about the full faith and credit clause. How to square the circle?

Cohen: Full faith and credit only requires recognizing out-of-state *judgments*, nothing in the #ShieldLaw counters that.
WA Assoc Sheriffs & Police Chiefs opposes bill. WA law enforcement shouldn't get caught up in intra-state issues. Cites language in Extradition Clause in the constitution.
What if Louisiana (LA) defines abortion as homicide? Then an WA officer executiing a LA warrant isn't sure whether or not it falls under the #ShieldLaw.
More provider perspectives. "There is no reproductive health care without reproductive health care providers."
Urges passing the bill.
A former abortion patient also speaks on the necessity of protecting providers as well as patient. Threats include attacks as well as criminalization. "I see abortion access as harm reduction in cases of domestic violence as well."
Washington State Coalition Against Domestic Violence also supports the bill. Notes that they have multiple locations close to the Idaho border. "Access to health care, including reproductive choices, will help victims of DV"
Alizeh Bhojani of @Legal_Voice notes that SCOTUS decision requires Washington to be at the forefront. Idaho's Supreme Court upheld their law criminalizing abortion that allows bounty hunters. People are facing untenable decisions today, please pass this law.
Dr. Sarah Prager from @acog supports the bill. "Currently, I could be prosecuted for doing my job."

Dr. Suzanne Poppema, "So many of our patients have literally nowhere else to turn."
@danniaskini of @GenderJusticeWA: "As states pursue bigoted attacks against trans people, especially younger people, we hear from so many people who come to Washington to receive care." Urges to vote to support it.
@LWVWA strongly supports #ShieldLaw because of the privacy protections it gives to individuals.

And that's it on HB 1469! Once again great testimony.

There are a couple more bills in the hearing but I'm going to sign off for now.
@threadreaderapp please unroll, thanks!

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with The Nexus of Privacy

The Nexus of Privacy Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @NexusOfPrivacy

Jan 23
The Senate Transportation committee's hearing on SB 5105 #DigitalDriversLicences starts at 4:00. I'll be live-tweeting. #waleg

Here's the video:…

And here's the "bill report", with a quick summary:…
Signins on #DigitalDriversLicenses are overwhelmingly CON -- including @ResistenciaNW @ACLU_WA and @IndivisEastside. @wapeopleprivacy is signed up to testify OTHER, as am I.…
@ACLU's."Identity Crisis: What Digital Driver’s Licenses Could Mean for Privacy, Equity, and Freedom" has more on the risks of #DigitalDriversLicenses.…
Read 15 tweets
Jan 23
A much more favorable environment, but a lot of complexity: Washington state privacy legislation 2023

UPDATED with info about #PeoplesPrivacyAct and #ShieldLaw as well as #MyHealthMyData… #waleg
The 2023 session is already in high gear, and once again there's some significant privacy legislation.
If you're just tuning in, "What's Past is Prologue" and "Significant successes for Washington privacy advocates" have the backstory.…
The Supreme Court's Dobbs decision overturning Roe has changed the game on privacy legislation. @SlatterVandana and @Dhingrama's #MyHealthMyData Act (HB1155/SB5351), developed with @AGOWA, responds by providing strong protections for consumer health data.…
Read 9 tweets
Nov 2, 2022
The Seattle Community Police Commission is discussing ShotSpotter at this morning's meeting. Public comment has just wrapped up. Now, @jennifer_e_lee from @ACLU_WA is presenting. #StopShotSpotter
@jennifer_e_lee @ACLU_WA Oops, connection problems. Up next, Angélica Chazaro with quotes from the October 27 Rainier Beach town hall.

"ShotSpotter is giving them a license to hunt bodies. It's a waste of money. It's about control."
"I think more money can go into housing. Also, being put back into communities."

"We want to do things in partnership and this tech is opposite to that."
Read 35 tweets
Nov 1, 2022
Today's Nexus of Privacy Newsletter:
- what Karen memes teach us about white women and surveillance
- privacy nutrition labels
- upcoming events
- an abolitionist take on Section 230
- news from across the pond ... and more!…
Let's start with the events. Today at 1:30 Pacific time (4:30 Eastern) is @ruha9's @ColumbiaEthics talk on Viral Justice: Pandemics, Policing, and Public Bioethics"

Next Monday, November 7, @NoTech4Tyrants unveils their report on “Surveillance Technology Perpetuates Police Abuse of Power.”

Read 12 tweets
Oct 9, 2022
Time for another round of #privacypolls!

ADPPA still hasn't hit the House floor, and Speaker Pelosi is still opposed to preempting California. Rep. Pallone says there's still time to pass something, and expresses optimism.

How likely is ADPPA to pass this session? (1/5)
If ADPPA doesn't pass, how far will it get?

- no House (H) floor vote?
- H passes, but no Senate (S) action?
- progress in S but dies before floor vote?
- S amends, but dies in cross-chamber reconciliation?
ADPPA currently preempts most stronger state and local privacy laws. California and AGs from other states want this removed so ADPPA is "a floor not a ceiling".
Compromise proposals include giving CA a waiver or adding a 5- or 10-year sunset.

How will this get resolved? (3/6)
Read 8 tweets
Oct 7, 2022
The Executive Order to Try to Implement the European Union-U.S. Data Privacy Framework has been announced. Will the third time be a charm? @astepanovich, who's followed the issue for years, has a good thread.
@ACLU says the EO doesn't go far enough.

"It fails to adequately protect the privacy of Americans and Europeans, and it fails to ensure that people whose privacy is violated will have their claims resolved by a wholly independent decision-maker,”…
@PrivaSense notes that the mutual recognition clause "shifts the power balance over international data transfers in favour of the US" (h/t @NSQE)

"This is the Whitehouse grabbing the (CJ)EU by the throat, while Putin is threatening to start WWIII"…
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!