As a follow-up to an earlier Heureka post, the U.S. Senate Committee on Commerce, Science & Transportation held a follow-up meeting late February on the topic of establishing a federal privacy law.

Baseline Law Discussion

Overall there was much discussion around implementation of a Federal Privacy Law with a lot discussion and mentions of California’s recently passed California Consumer Privacy Act. Witnesses discussed both sides of the debate over establishing a federal privacy law and in particular the establishment of a baseline law that might supersede state-level laws.

Professor Woodrow Hartzog of Northeastern University argued that a baseline law may not be necessary as states and the federal government have harmoniously existed with different structures for quite some time stating,

While consistency is nice, patchwork isn’t insurmountable. It’s what we’ve been dealing with all along.

Senator Maria Cantwell, D-Wash appeared to agree with Professor Hartzog in her opening statement as she indicated that she did not believe that pre-exemption is necessary for an effective federal bill to take hold.

On the other side of the pre-exemption debate were industry insiders and lobbyist including Jon Leibowitz from the 21st Century Privacy Coalition. Mr. Leibowitz and others advocate for a single federal law that will perhaps override local state laws on privacy.

Imagine if there were different Federal Aviation Administration standards for every state in the country? There would be disasters in the air. That’s what’s at stake in letting states craft policies piecemeal.

Enforcement Discussion

There were numerous discussions based on enforcement of any law. The general consensus was that the Federal Trade Commission should ultimately be the primary enforcer and there was discussion around the need for additional resources should a law be passed. Victoria Espinel of The Software Alliance mentioned that state attorney general offices may also play a role in enforcement.

There was healthy debate between panelists and Senators as to transparency and industry involvement in federal privacy law. There was a true concern over having industry insiders water-down any federal bill which has happened in the past with regards to privacy. There was also debate on what the base floor for the new law should be. GDPR? CCPA? Many agreed that CCPA could be the base standard from which federal law could be based, however there was some disagreement from panelists.

Follow Up

Witnesses and Senators have two weeks to submit questions (till March 13, 2019). Heureka Software will be following this continuing discussion and update as new developments occur.

Witnesses

• Jon Leibowitz, Co-Chairman, 21st Century Privacy Coalition
• Michael Beckerman, President/CEO, Internet Association
• Brain Dodge, COO, Retail Industry Leaders Association
• Victoria Espinel, President/CEO, The Software Alliance
• Dr. Woodrow Hartzog, Professor of Law & Computer Science Northeastern University School of Law and Khoury College of Computer Sciences
• Randall Rothenberg, CEO, Interactive Advertising Bureau