DelBene Renews Push for Consumer Privacy Law
WASHINGTON — As states begin to consider consumer privacy legislation, Rep. Suzan DelBene, D-Wash., is renewing her push for a federal statute on the matter.
California and Virginia have already enacted comprehensive state data privacy laws, but DelBene said a federal standard is necessary for ensuring congruency nationwide during a press call Wednesday. In DelBene’s home of Washington state, a similar privacy act was filed and is slated to be considered by the legislature.
“This is a critically important issue — to make sure that consumers’ data is protected and that we have a uniform standard across the country,” DelBene said. “This is an issue of civil rights, civil liberties and human rights, and right now we have no U.S. policy to protect our most sensitive personal information.”
DelBene’s bill, entitled the “Information Transparency and Personal Data Control Act,” contains a preemption clause designed to override conflicting state privacy laws. This would be done to avoid a “patchwork” of statutes instead of a uniform standard.
Avoiding a mishmash of differing state laws not only benefits Americans, DelBene said, it also establishes a clear direction for the country’s foreign policy. European Parliament enacted its own privacy law in spring 2018 regulating how companies may handle a European citizen’s personal data.
“A patchwork will be very difficult for people to understand what their rights are,” she said. “A patchwork makes it hard for businesses, especially small businesses, to make sure that they’re compliant and can implement things correctly. And this is also an international issue. If we don’t have a clear domestic policy, then what is our position when we are at the international table?”
About 60% of Americans believe it is impossible to experience life without having their data collected by private companies or the government, according to Pew Research Center analysis. Further, a majority of Americans are concerned about how their data is being used by companies or the government.
The bill’s focus is relatively narrow compared to previous proposals, DelBene said. Guidelines regarding information like emails and names are less restrictive than the guidelines for personal health data or Social Security numbers.
Consumers must explicitly opt-in to allow companies to disclose or sell their personal information under the bill’s provisions. Further, consumers can also opt-out of companies sharing their less delicate personal information.
Another change to the bill from previous versions includes the addition of immigration status and mental health diagnoses as sensitive personal information. The bill would also change annual privacy audits to occur biannually if enacted.
The most significant changes to the bill from previous iterations empowers the Federal Trade Commission to enforce the law more strictly. DelBene’s bill would increase FTC funding for data privacy enforcement from $35 million to $350 million and allow the agency to employ 500 new full-time employees to oversee privacy security.
“We’re going to continue to build support (for the act) and talk through these issues … the critical thing we need to do is talk about what the legislation actually looks like,” DelBene said. “Not just about bullet points or concepts, so I want to push that conversation forward. We have a lot of proposals to try to deal with these issues that folks have raised. And so, I think we have a strong proposal here and I look forward to others engaging the process so we can move forward and protect consumers’ data.”