Tech Representatives, Senators Discuss Framework for US Federal Data Privacy Law
Tech industry representatives joined senators Wednesday to discuss policy points for a federal data protection law. Both sides have pushed for a federal law as data breaches become an increasing consumer concern and California's data privacy law implementation date approaches.
February 27, 2019 at 02:03 PM
4 minute read
The framework for a U.S. federal data privacy law took clearer shape at a Senate committee on commerce, science and transportation hearing Wednesday.
Lobbyists representing Google, Facebook and other tech companies discussed state law pre-emption, violation penalties, notification requirements and special protections for children with members of the committee. Data breaches at Uber, Facebook and Equifax and the implementation of the European Union's General Data Protection Regulation are turning American regulators on both sides of the aisle toward a federal privacy law.
Tech companies have also pushed for a federal law. That's in part an effort to pre-empt the state-level California Consumer Privacy Act before its 2020 implementation date; some have criticized the act, claiming its definition of personal data is too broad.
“Are we here just because we don't like the California law and we just want a federal preemption law to shut it down? Or do people think you can have meaningful federal privacy legislation without that [pre-emption]?” asked Sen. Maria Cantwell, D-Washington. She said the committee “cannot pass a weaker federal law just at the expense of states.”
Jon Leibowitz, the co-chairman of the 21st Century Privacy Coalition, which represents telecom companies, and Michael Beckerman, the president and chief executive officer of the Internet Association, which represents tech giants Google, Facebook, Amazon, Inc. and others, both responded that their groups wanted pre-emption of the CCPA in federal law.
Victoria Espinel, the president and CEO of The Software Alliance, said companies she represents, including Apple Inc. and Microsoft Corp., want a federal law that goes further than the CCPA, requiring consumers opt-in to sharing personal, sensitive data. Apple CEO Tim Cook has publicly called for an American version of GDPR, as has Cisco Systems Inc. chief legal officer Mark Chandler.
“Enacting federal privacy legislation is necessary in light of the patchwork of privacy bills being produced in legislatures around the country,” Leibowitz said. He said CCPA and other state privacy laws are being drafted “in haste” with “multiple drafting flaws.”
Sen. Shelley Moore Capito, R-West Virginia, noted that even with U.S. federal pre-emption of the CCPA, companies operating in Europe would need to comply with GDPR, which has faced similar criticisms.
Committee members also discussed fines for companies violating the future bill, proposing an increase in the Federal Trade Commission's ability to penalize first-time offenders. The FTC currently cannot fine for first-time violations, but that could change under a federal data privacy law. Espinel said the companies she represents are strong proponents of this proposal.
Sen. Ed Markey, D-Massachusetts, also raised concerns about privacy rights for children under a federal law. Markey, who drafted the Children's Online Privacy Protection Act that protects those under 13, proposed data collectors require opt-in consent for users under 16 years old. He noted the CCPA and GDPR both require special protections for minors.
“Without protections for children, it makes no sense to pre-empt California law,” he said.
Other proposals included simplifying privacy notifications that inform users of their data privacy rights in a clear, concise way free of legalese and moving to a legitimate interest model of data collection rather than relying on user consent.
GDPR uses a legitimate interest model, requiring companies to establish a reasonable cause for collecting and storing user data. Tech representatives also pushed for a “tech neutral” bill, which would place the same restrictions on all data collectors, regardless of industry.
Sen. John Thune, R-South Dakota, predicted a federal law will come in the “next couple years.” A similar hearing was held by the U.S. House of Representatives' consumer protection and commerce subcommittee Tuesday.
Read More:
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllHow Marsh McLennan's Small But Mighty Legal Innovation Team Builds Solutions That Bring Joy
Aggressive FTC May Force Merging Companies to Bolster Legal Defenses
4 minute readBest Legal Departments: How Blackstone's Legal and Compliance Team Got the All-Clear to Grow Business
CEOs Want Data-Based Risk Management; GCs Lack the Tech to Do So.
Trending Stories
- 1Call for Nominations: Elite Trial Lawyers 2025
- 2Senate Judiciary Dems Release Report on Supreme Court Ethics
- 3Senate Confirms Last 2 of Biden's California Judicial Nominees
- 4Morrison & Foerster Doles Out Year-End and Special Bonuses, Raises Base Compensation for Associates
- 5Tom Girardi to Surrender to Federal Authorities on Jan. 7
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250