Democratic representative Suzan DelBene has reintroduced a bill aimed at creating a national standard for digital privacy rights in the United States.
Her initiative comes soon after Virginia’s Governor Ralph Northam signed the state’s Consumer Data Protection Act into law.
Similar legislation became law in California last year and other states are moving ahead with plans to introduce privacy statutes.
DelBene’s bill would pre-empt California’s and other states’ laws in order to create a uniform standard across the country.
She argues state-by-state decisions would be too confusing and onerous for consumers and small businesses.
“I understand why states are moving forward in the absence of the federal government moving, but I think it is much better to have a federal law versus a patchwork of laws,” she was quoted as saying by broadcaster CNBC.
The bill proposes stricter guidelines for sensitive data such as social security numbers and health data than for less sensitive information like names and emails.
As envisaged under the bill, consumers must explicitly opt in to allow a company to sell or share their sensitive personal information, but they can opt out of sharing of their non-sensitive personal information.
DelBene foresees her bill serving as a baseline which can be built upon with more targeted bills covering artificial intelligence, facial recognition technology and other matters.
Since the bill was first introduced in 2019, DelBene has made several changes based on feedback. Modifications include adding immigration, citizen status, and mental and physical health diagnoses to the definition of sensitive personal information and changing privacy audits to every two years from every year.
The updated version also bolsters resources for the Federal Trade Commission (FTC), which would be tasked with enforcing the law. It would be allowed to hire 500 new full-time employees focused on privacy and security, rather than 50, and funding is increased ten-fold to $350m (€291m).
Learn more about US Privacy law at ”OneTrust. US Privacy Update: CCPA, CPRA, Virginia, State Laws and Federal Law” at 6pm, 24 March at PrivSec Global