Federal US Privacy Laws

US Federal Privacy: The Expert View

Ethyca CEO Cillian Kieran recently sat down for a conversation on the state of the US federal privacy conversation with Amie Stepanovich. Amie is the Executive Director of the Silicon Flatiron Center For Law, Technology, & Entrepreneurship at the University of Colorado. Stream the audio below to hear her position on when the US can expect a federal privacy law.

Will the US soon guarantee privacy rights for individuals the same way Europe does?

The answer: maybe. The issue of privacy has found rare bipartisan support in the United States Senate. In November of 2019, Senator Maria Cantwell (D-WA) and Senator Roger Wicker (R-MS) proposed similar legislation that addressed individual privacy rights. The bills were not exactly the same, but they shared ideological points that are echoed in GDPR. Senator Cantwell’s bill, the Consumer Online Privacy Rights Act (COPRA), included the following rights for the users:

  1. To be free from deceptive and harmful data practices; financial, physical, and reputational injury; and acts that a reasonable person would find intrusive, among others.
  2. Access to their data and greater transparency. This means consumers have detailed and clear information on how their data is used and shared
  3. To control the movement of their data. Consumers have the ability to prevent data from being distributed to unknown third parties.
  4. To delete or correct their data.
  5. To take their data to a competing product or service.

Senator Wick’s responding piece of legislation was similar but set to override the authority of certain state legislation, specifically that of California. This speaks to a uniquely American problem in the federal privacy debate: the question of whether a US privacy law will “supersede” state laws or simply provide a foundation on which individual states can build. The business community is generally in favor of a single overriding set of privacy rules because it means they won’t have to spend lots of time and money accommodating small differences in laws from state to state.

Senator Wick agrees. In order for privacy legislation to be effective in the United States, there needs to be a simplicity in language to allow for proper enforcement and compliance. Senator Wick believes it imperative that state and federal legislation are not tangled; he said that his legislation was “better, stronger, clearer” than the California law.

us capitol building
Gillibrand’s data watchdog

In February of this year, Democratic Senator Kristen Gillibrand announced a desire to create a data protection agency as a consumer watchdog. Similar agencies exist throughout Europe because of GDPR. Her proposal calls for providing more resources to a central unit to better enact and ensure individual protections. Privacy has been a topic on the campaign trail, too. Andrew Yang proposed an incredibly inventive plan that provides individuals with a financial dividend if their data earns money for tech companies.

Privacy experts and industry insiders remain hopeful that a federal law will be passed in the near future, (ultimately, neither COPRA and Senator Wick’s more sweeping, aggressive piece of legislation were passed last congressional session). Estimates for when that day will come range from 1.5 to 5 years, but there’s close-to-unanimous agreement that a federal data privacy law is inevitable.