A bipartisan U.S. federal data privacy law was drafted by two U.S. lawmakers, aiming to codify and enforce the privacy rights of all U.S. citizens.
Rep. Cathy McMorris Rodgers (R-WA 5th District), Chair of the House Committee on Energy and Commerce, and Sen. Maria Cantwell (D-WA), Chair of the Senate Committee on Commerce, Science, and Transportation , unveiled the bill on April 7. , 2024.
They dubbed the bill the US Privacy Law.
The national law aims to give U.S. citizens greater control over their personal data, limiting the ability of big tech companies to process, transfer and sell that information.
It also imposes stricter cybersecurity standards on organizations to protect the personal data they hold from hacking or theft, giving enforcement powers to the Federal Trade Commission (FTC), states and individuals in case of violation.
Key provisions of the law Project include:
- Reduce the data that companies can collect, store and use about people, of all ages, to the data they actually need to provide them with products and services.
- More powers for citizens to control how their personal data is used, such as preventing the transfer or sale of their data, opting out of data processing if a company changes its privacy policy, and
- Require organizations to obtain express consent before sensitive data can be transferred to a third party
- Prohibit businesses from using people’s personal information to discriminate against them in decisions about housing, employment, health care, credit opportunities, education, insurance, or access to places of employment. public accommodation
- Give individuals the right to sue organizations that violate their privacy rights
- Impose strict data security standards that will prevent data hacking or theft
- Authorizes the Federal Trade Commission, states, and consumers to fight violations
Rodgers commented: “This historic legislation gives Americans the right to control where their information goes and who can sell it. It curbs Big Tech by prohibiting them from tracking, predicting and manipulating people’s behaviors for profit without their knowledge or consent. Americans overwhelmingly want these rights, and they are counting on us, their elected representatives, to act. »
Federal privacy law to eliminate the “patchwork” of state laws
The need for a US national privacy law, based on principles similar to those of the EU General Data Protection Regulation (GDPR), was highlighted. discussed by experts for several years.
Currently, a handful of US states have passed their own data privacy laws, including CaliforniaVirginia, Connecticut and Utah.
On April 6, 2024, the Maryland General Assembly adopted its own equivalent lawTHE Maryland Online Privacy Act of 2024. This law is awaiting approval from the state governor as of this writing.
However, this patchwork of legislation means that different US citizens enjoy different levels of data privacy protections across the country. Furthermore, inconsistent state rules in this area have created additional costs for businesses that operate nationally, which have been forced to establish separate and very specific protocols for relatively small groups of users in different states.
Rodgers and Cantwell said their bill represents the best opportunity in decades to establish a national standard for data privacy and security in the United States.
“This historic legislation represents the culmination of years of good faith effort in the House and Senate. It strikes a meaningful balance on issues critical to the passage of comprehensive data privacy legislation by Congress. Americans deserve the right to control their data and we hope our colleagues in the House and Senate will join us in passing this legislation,” they said.