How much should US consumers sacrifice to get national data privacy law?
It is hard to square the circle U.S. lawmakers find themselves in over a proposed federal data privacy bill.
So many House legislators want in on finally delivering a national law addressing biometric identifiers and other personal data that one would think they were considering a bill making birthday cakes free on birthdays.
But the proposed American Data Privacy and Protection Act (H.R. 8152) would pre-empt the California Consumer Privacy Act, or CCPA, and another privacy act-in-waiting because they conflict with American Data provisions. That is to say, they hold organizations to a higher standard in terms of consent for collection and management of people’s personal information.
(The state of Illinois’ well-worn Biometric Information Privacy Act would be exempted. BIPA‘s power, while significant, is narrower than the CCPA.)
Pressure built on Democratic House Speaker Nancy Pelosi, who represents California, until last week when she all but put a pause on the bill’s movement. Pelosi knew many in her home state were unhappy about having their protections lopped. She waited to say something until it was obvious it would not blow over.
For now, she says she will “continue to work with [Energy and Commerce Committee chair Frank Pallone] on responding the state’s concerns.”
The American Data Privacy bill is summarized by the National Law Review here. It was voted out of the Energy and Commerce Committee by 52-2.
Vocal critics of the legislation say it should not scrape away California‘s deeper and broader act in the interest of creating a single national standard. Though not united on this point, many of them want a national standard that uses California’s laws as the foundation.
Proponents say an American Data Act could itself be a foundation for future amendments and new laws.
It creates a consumers’ private right of action in some privacy cases, for instance. The right to drag a defendant to court was used in negotiations with House minority Republicans to get “strong preemption language” into the bill, according to a brief analysis posted by law firm Squire Patton Boggs. (The post says the firm is confident the legislation will make it out of the House largely unchanged.)
That is the position of the International Association of Privacy Professionals.
According to a bylined article on the IAPP site, it comes down to giving 300 million Americans a legal privacy framework regardless of consequences for Californians or telling 40 million Californians that a rights rollback is better for the many.
In a sense, this argument says that the data-protection rights that Californians have given themselves are not strictly necessary. Removing rights and privileges is saying that they are not inherent nor are they something a person should have.
Yet, at the same time, the strongest advocates of the planned law are saying that people nationwide should aspire to have protections at least commensurate with the CCPA’s.
The U.S. will also hold mid-term elections on November 8, adding to the urgency of the proceedings.
Article Topics
American Data Privacy and Protection Act (ADPPA) | biometric data | biometric identifiers | Biometric Information Privacy Act (BIPA) | biometrics | CCPA | data privacy | data protection | legislation | standards | United States
Comments