The chief legal officer of Cisco Systems Inc. is the latest Silicon Valley executive to express support for a U.S. version of the General Data Protection Regulation.

In an interview with Financial Times, Cisco's longtime chief legal officer Mark Chandler backed the idea of an Americanized GDPR, a May 2018 European Union regulation aimed at protecting people's rights over their personal data's collection and use. Apple chief legal officer Tim Cook previously praised the GDPR at a privacy conference in Brussels and called upon other regulators to follow Europe's lead.

“We believe that the GDPR has worked well, and that with a few differences, that is what should be brought in in the U.S. as well,” Chandler told Financial Times. He did not immediately respond to a request for additional comment.

His view isn't shared with all of Silicon Valley. Many in-house lawyers at large tech companies have argued GDPR's definition of personal data is too vague, making compliance tricky.

Two weeks ago, Mountain View, California-based Google was hit with a $57 million fine over GDPR violations. Neighbor Facebook is currently being investigated by the Irish Data Protection Commission over potential GDPR violations. The ultimate fine under GDPR is 4 percent of global revenue or 20 million euros ($23 million), whichever is higher.

But many tech companies—including Google and Twitter—pushed for a federal data privacy bill at a Senate Committee on Commerce, Science and Transportation hearing Sept. 1. This change of heart comes as the California Consumer Privacy Act's 2020 implementation date draws near. A federal regulation could override the act, which faces similar critiques as GDPR.

At the September hearing, Google chief privacy officer Keith Enright said GDPR put undue burden on small- and medium-sized companies. Google's preparation for GDPR took “hundreds of years of human time,” he said, a resource smaller competitors may not be able to spare. He and Amazon.com Inc. vice president and associate general counsel Andrew DeVore said both the California law and GDPR are unclear on what constitutes personal information.

But senators warned that companies shouldn't wish for a weak data privacy bill that would provide an escape hatch from California Consumer Privacy Act compliance.

“The companies [at the Senate hearing] and all across the country are ultimately going to want California law pre-empted and they're going to want other states' laws pre-empted,” Sen. Ed Markey of Massachusetts said at the hearing in September. “They're going to ask this panel to do that. So our goal has to be to ensure that any law which we pass out of this committee is a strong law. We don't need to pass weak laws in Washington that override strong laws in California or Massachusetts or other states.”

|