SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

US House and Senate debate new data privacy law

By Lisa Vaas, Sophos

February 28, 2019

Most people in the US – 91%, according to the Pew Research Center – feel they’ve lost control over their data.

Lawmakers feel your pain, citizens. They’re not interested in hearing your thoughts, though.

This week, both the House and the Senate are holding hearings on privacy legislation, transparency about how data is collected and shared, and the stiffening of penalties for data-handling violations.

But it’s not the consumers whose data gets fumbled, or quietly pickpocketed, who are sitting in on those meetings.

Rather, it’s mostly tech companies, the Electronic Frontier Foundation (EFF) points out. From the EFF’s India McKinney and Katharine Trendacosta:

Last year, the US Senate held a hearing about consumer privacy without a single voice for actual consumers. At the time, we were promised more hearings with more diverse voices. And while a hearing a month later with consumer advocates did seem to be a step forward, this week’s two hearings – only mostly full of witnesses from tech companies – make us worried about a step back.

House disses GDPR, California’s CPA

At the mostly consumer-free House hearing on Tuesday, the Consumer Protection and Commerce subcommittee agreed that we need a new, single federal privacy law. At this point, we’ve got a hodgepodge of state laws and a slew of proposed federal laws. Lawmakers are now considering one such: the Data Care Act (PDF).

Other bills: In September, Rep. Suzan DelBene introduced a privacy bill that would require information transparency and personal data control. In November, Senator Ron Wyden proposed a bill that would throw execs into jail for up to 20 years if they play loosey-goosey with consumer privacy. Senator Marco Rubio announced yet another bill in January, titled the American Data Dissemination Act.

CNET quoted Rep. Jan Schakowsky, who spoke at the beginning of Tuesday’s House hearing:

Reports of the abuse of personal information undoubtedly give Americans the creeps. Without a comprehensive federal privacy law, the burden has fallen completely on consumers to protect themselves, and this has to end.

Overall, the committee was none too thrilled with the notion of modeling a new law on the laws we now have: either the EU’s General Data Protection Regulation (GDPR) or California’s Consumer Privacy Act (CCPA).

Rep. Cathy McMorris Rodgers, for one, argued that the GDPR is detrimental to the free market and has tipped the scales in favor of large tech companies. Legaltech News quoted her:

Millions of dollars in compliance costs aren’t doable for startups and small businesses, and we have already seen this in Europe where GDPR has helped increase the market share of tech companies while forcing smaller companies offline.

Other reps accused the GDPR of burying consumers in a blizzard of required notices and privacy policies they don’t read. Other committee members or witnesses said that the law stops people from getting to certain newspapers, such as the Chicago Tribune, and to the WHOIS domain registration database in the EU.

Given how negative the committee was about the GDPR, it’s not surprising that many members didn’t cotton to the notion of modeling a new law on the CCPA.

Roslyn Layton, visiting scholar at conservative think tank American Enterprise Institute:

It’s not fair that one state gets to dictate [privacy] for everyone else.

Dave Grimaldi, executive vice president for public policy at Interactive Advertising Bureau, said that businesses could be swamped by fines due to the CCPA’s requirement that businesses have to hand over consumers’ data when requested:

[If a business doesn’t meet the timeline], it is in the violation of the law. [Given the potential for thousands of requests,] that’s something smaller companies wouldn’t be able to deal with.

Of course, a new law doesn’t have to hew to what’s already been done in California or in the EU.

Terms of Use | Copyright © 2002 - 2018 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement