Commercial Privacy Bill of Rights Act of 2011

[AI summary unavailable — showing source text] Commercial Privacy Bill of Rights Act of 2011 - Directs the Federal Trade Commission (FTC) to initiate a rulemaking requiring security measures to be carried out by any person (defined in this Act as a "covered entity") collecting, using, transferring, or storing certain personal information (defined in this Act as "covered information") concerning over 5,000 individuals during any consecutive 12-month period who is also: (1) a person whom the FTC is directed to prevent from using unfair methods of competition or deceptive practices in or affecting commerce under specified provisions of the Federal Trade Commission Act; (2) a common carrier subject to the Communications Act of 1934, notwithstanding specified terms and exceptions; or (3) a nonprofit organization, including certain tax-exempt organizations. Requires each such entity to implement a comprehensive information privacy program. Applies the requirements of this Act to: (1) personally identifiable information; (2) unique identifier information; and (3) any information that is collected, used, or stored in connection with such information in a manner that may reasonably be used to identify a specific indi…