Senate Holds Hearing To Discuss Federal Data Privacy Legislation

King & Spalding

On October 10, 2018, the Senate Committee on Commerce, Science, and Transportation conducted a hearing to discuss the European Union’s recently implemented General Data Protection Regulation (“GDPR”) and California’s Consumer Privacy Act (“CPA”), and what aspects of those laws should be considered in crafting federal data privacy legislation in the U.S. 

The hearing, titled “Consumer Data Privacy: Examining Lessons From the European Union’s General Data Protection Regulation and the California Consumer Privacy Act,” follows an earlier hearing on September 26, 2018 where representatives from tech companies testified on current data privacy issues facing companies and the potential benefits of comprehensive federal legislation.  However, in his opening remarks, Senator John Thune (R-S.D.) made clear that “while the experience of such companies is important to consider,” “the next federal privacy law will not be written by industry.” 

Senator Thune cited the recent Cambridge Analytica and Google Plus incidents as examples of why it is time for the U.S. to finally implement federal legislation to govern how consumers’ personal information is used and protected, noting that “it is increasingly clear that industry self-regulation in this area is not sufficient.”  Looking to the recent legislative progress made in the EU in enacting GDPR, Senator Thune called for “open minds about the contours of a bipartisan bill” in light of past failures by Congress to pass comprehensive data privacy legislation. 

Several experts fielded questions from Congress at the hearing, including Laura Moy, Executive Director of the Center on Privacy & Technology at Georgetown Law.  In her prepared testimony, Ms. Moy called for legislation that would “rein in the problematic ways in which Americans’ data is being collected and stored without meaningful limitations.”  Ms. Moy noted that many consumers feel “powerless” in terms of their ability to control the privacy of their personal information, and that legislation must be implemented to regain that control.

Andrea Jelinek, Chair of the European Data Protection Board, wrote in prepared testimony that that GDPR may be able to serve as an inspiration for U.S. legislation, as it is “carefully calibrated so as not to hinder economic development, while keeping in mind the fundamental right of the individuals.”  The core philosophy of GDPR, according to Ms. Jelinek, “is to put individuals at the cent[er] of privacy practices,” and to force companies to “take a closer look at what data they are collecting, what they use it for, and how they keep and share it.”  Ms. Jelinek concluded with saying that “European data protection authorities . . . stand ready to share [their] experience” in the event Congress moves forward with designing similar legislation in the U.S.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Written by:

King & Spalding

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.