Senate Committee Tackles Data Privacy

Lawmakers agree a federal law is needed but remain divided on key issues. 

December 06, 2019

WASHINGTON—Democrats and Republicans alike called for federal legislation to ensure data privacy but didn’t come up with a consensus on a path forward in a Senate Commerce, Science, and Transportation Committee hearing Wednesday, MarketWatch reports.

Senator Marsha Blackburn (R-Tenn.) was among those expressing frustration. “I think people are absolutely appalled that we have gone this long without having a federal privacy standard. It was six years ago that we started the Privacy Working Group in the House, and to think that it has taken this long to move to this direction is really surprising,” Sen. Blackburn said at the “Examining Legislative Proposals to Protect Consumer Data Privacy” hearing.

Senator Richard Blumenthal (D-CT) said, “Here’s a bulletin from outside the Beltway: People are angry and scared, more than ever before. They don’t care whether it’s a federal law or a state law. They want a law,” Blumenthal said.

The witness list included: (1) Julie Brill, former commissioner of the Federal Trade Commission (FTC), corporate vice president and deputy general counsel, Microsoft; (2) Maureen Ohlhausen, former acting-chair of the Federal Trade Commission, co-chair 21st Century Privacy Coalition; (3) Laura Moy, executive director and associate professor of law, Georgetown Law Center on Privacy & Technology; (4) Nuala O’Connor, senior vice president and chief counsel digital citizenship at Walmart; and (5) Michelle Richardson, director of privacy and data, Center for Democracy and Technology.

A key split between Republicans and Democrats is whether a federal privacy law would override state laws already in place on privacy. Committee Republicans indicated support for provisions that would preempt existing laws, such as the California Consumer Privacy Act (CCPA), which is slated to take effect on January 1.

The witnesses generally agreed that a patchwork of state laws would hinder businesses that operate in multiple states. Democrats, however, signaled the desire to preserve the ability for states to pass laws that are tougher than a national standard.

Technology companies have been among those warning that differing state laws confuse consumers and make it harder for smaller, startup firms to ensure that they comply with state regulations, CNBC reports.

“There’s an opportunity here to do better than what we’re seeing at the states,” Richardson, the director of privacy and data at the Center for Democracy and Technology, told the committee. She said federal law could be more comprehensive than state law and ensure protections are in place in a timely manner.

Lawmakers and witnesses largely agreed that any federal law will only be as good as the ability to enforce it. Sens. Brian Schatz (D-HI), Jerry Moran (R-KS) and Jon Tester (D-MT) all spoke about the need to give the FTC rulemaking authority and more resources to enforce a data privacy law. Sen. Blumenthal argued that legislation should allow for private enforcement, especially if state laws are preempted. The senators also broached whether state attorneys general should be allowed to enforce the federal law.