WASHINGTON, August 6, 2019 – If not properly executed, a federal privacy law could cost billions, according to a report released Monday by the Information Technology and Innovation Foundation.

Legislation that mirrors many of the key provisions in the EU’s General Data Protection Regulation or California’s Consumer Protection Act would cost the U.S. economy $122 billion per year, said the report, by ITIF Senior Policy Analyst Alan McQuinn and Vice President Daniel Castro.

The technology industry-driven think tank instead urged Congress to deal with a narrower set of privacy protections, enabling Congress to pass an effective law that costs 95 percent less.

An ideal data privacy legislation should not only increase consumer privacy but also maximize consumer welfare. New privacy laws must clarify how much their programs cost to both consumers and businesses. If not, companies and consumers could spend $18 billion in compliance costs.

Among the individual privacy rights with their own costs include the right to access, modify and delete personal data stored by an organization.

To enforce such rights, companies would need to build and maintain data infrastructure enabling users to access their information. Moreover, a report from the Fido alliance found that businesses that authenticate their customers spend an average of $307,000 annually on authentication costs.

Although most data collection and compliance are handled exclusively online, businesses will often need to receive and process some requests over the phone, by mail, or in person. The price of privacy legislation will have to factor in the costs of human processing.

Besides understanding the underlying costs of privacy legislation, Congress should be careful to not create overly restrictive rules that – the report said – would harm innovation in the economy.

Additionally, the group said, federal privacy legislation should preempt states from passing their own sets of privacy laws. Otherwise, costs could increase significantly.

(Photo courtesy ITIF.)

WASHINGTON, August 6, 2019 – If not properly executed, a federal privacy law could cost billions, according to a report released Monday by the Information Technology and Innovation Foundation.

Legislation that mirrors many of the key provisions in the EU’s General Data Protection Regulation or California’s Consumer Protection Act would cost the U.S. economy $122 billion per year, said the report, by ITIF Senior Policy Analyst Alan McQuinn and Vice President Daniel Castro.

The technology industry-driven think tank instead urged Congress to deal with a narrower set of privacy protections, enabling Congress to pass an effective law that costs 95 percent less.

An ideal data privacy legislation should not only increase consumer privacy but also maximize consumer welfare. New privacy laws must clarify how much their programs cost to both consumers and businesses. If not, companies and consumers could spend $18 billion in compliance costs.

Among the individual privacy rights with their own costs include the right to access, modify and delete personal data stored by an organization.

To enforce such rights, companies would need to build and maintain data infrastructure enabling users to access their information. Moreover, a report from the Fido alliance found that businesses that authenticate their customers spend an average of $307,000 annually on authentication costs.

Although most data collection and compliance are handled exclusively online, businesses will often need to receive and process some requests over the phone, by mail, or in person. The price of privacy legislation will have to factor in the costs of human processing.

Besides understanding the underlying costs of privacy legislation, Congress should be careful to not create overly restrictive rules that – the report said – would harm innovation in the economy.

Additionally, the group said, federal privacy legislation should preempt states from passing their own sets of privacy laws. Otherwise, costs could increase significantly.

(Photo courtesy ITIF.)

WASHINGTON, August 6, 2019 – If not properly executed, a federal privacy law could cost billions, according to a report released Monday by the Information Technology and Innovation Foundation.

Legislation that mirrors many of the key provisions in the EU’s General Data Protection Regulation or California’s Consumer Protection Act would cost the U.S. economy $122 billion per year, said the report, by ITIF Senior Policy Analyst Alan McQuinn and Vice President Daniel Castro.

The technology industry-driven think tank instead urged Congress to deal with a narrower set of privacy protections, enabling Congress to pass an effective law that costs 95 percent less.

An ideal data privacy legislation should not only increase consumer privacy but also maximize consumer welfare. New privacy laws must clarify how much their programs cost to both consumers and businesses. If not, companies and consumers could spend $18 billion in compliance costs.

Among the individual privacy rights with their own costs include the right to access, modify and delete personal data stored by an organization.

To enforce such rights, companies would need to build and maintain data infrastructure enabling users to access their information. Moreover, a report from the Fido alliance found that businesses that authenticate their customers spend an average of $307,000 annually on authentication costs.

Although most data collection and compliance are handled exclusively online, businesses will often need to receive and process some requests over the phone, by mail, or in person. The price of privacy legislation will have to factor in the costs of human processing.

Besides understanding the underlying costs of privacy legislation, Congress should be careful to not create overly restrictive rules that – the report said – would harm innovation in the economy.

Additionally, the group said, federal privacy legislation should preempt states from passing their own sets of privacy laws. Otherwise, costs could increase significantly.

(Photo courtesy ITIF.)