US Senate Committee on Commerce, Science, and Transportation conduct hearings about the need for federal level privacy law

October 6, 2020 |

The United States does not have a comprehensive Data Privacy Legislation.  Most states in the United States have some form of data protection legislation, including mandatory data breach notification laws.  At the Federal level business, in particular those engaged in collecting and selling data, have resisted any attempt to provide some form of regulation on the collection, storage and use of personal information.  The dynamics have changed somewhat in the last two years with the outrageous abuse of personal information by Facebook with Cambridge Analytica, Google’s continuous data avarice and significant data breaches involving millions of individuals personal information.

The US Senate Committee on Commerce, Science, and Transportation held hearings on 23 September 2020 in Washington DC.   The hearing was titled Revisiting the Need for Federal Data Privacy Legislation.  The purpose was described as examining:

the current state of consumer data privacy and legislative efforts to provide baseline data protections for all Americans. The hearing will also examine lessons learned from the implementation of state privacy laws in the U.S. and the E.U. General Data Protection Regulation, as well as how the COVID-19 pandemic has affected data privacy.

The witnesses were:

The statemetns of Brill and Becerra are probably the most interesting though they all cover similar territory.  All witnesses made the same point, that the United States needs a comprehensive federal privacy law protecting personal information.  Most of the witnesses support the Federal Trade Commission continuing to act as the approrpriate regulator.  The FTC has been a better regulator in the United States than the Information Commissioner has here even though it’s powers are arguably more circumscribed.  That does not mean it has not had its critics.

The need for proper privacy regulation in the United States is obvious.  That does not mean it is inevitable.  This Committee held hearings in January and December last year and notwithstanding the clear concerns about the abuse of personal information by Facebook and Google in the Congress legislation is a dream rather than a reality.  Thus in the United States there is privacy and data protection legislation in most states to varying degrees of stringency.  Probably the most comprehensive is the California Consumer Privacy Act.    We should not be too smug about the lack of consistency in data protection laws in the United States.  In Australia the Commonwealth Privacy Act 1988 is a source of regular disappointment.  Its regulation is even more sobering.  An ineffective regulator does not even come close to use the legislation to its full extent.  As a result it is little wonder that the ACCC and ASIC have take an interest in privacy and data protection.

Leave a Reply

Verified by MonsterInsights