WASHINGTON, July 17, 2019 — The “honeymoon phase” of tech is definitely over. As a result, federal privacy legislation is essential.
So said two prominent members of Congress – one Democrat and one Republican – at a Wednesday event hosted by Charter Communications and the Future of Privacy Forum on Wednesday.
Indeed, Congress should quickly take bipartisan and bicameral action towards a federal data privacy law before various states begin adopting their own inconsistent regulations, said House Consumer Protection Subcommittee Ranking Member Cathy McMorris Rogers, R-Wash., citing California’s recent Consumer Privacy Act.
But if the federal government wants to preempt state laws, added subcommittee Chair Jan Schakowsky, D-Ill, it will need an extremely strong bill with which to replace the existing regulations.
Schakowsky emphasized the importance of giving consumers control over all of their online data with access, correction, and deletion rights.
However, the main burden should be on the data collectors and not the consumers, she cautioned. Data minimization laws should be implemented to limit the amount of data collected by companies in the first place.
Schakowsky also called for the Federal Trade Commission to be given more authority, saying that the agency was clearly underfunded and understaffed.
Additional resources allocated to the FTC should be carefully directed so as to maximize efficiency, said McMorris Rogers, suggesting that the agency hire expert witnesses on a case by case basis rather than increasing the overall staff.
Congress must keep the needs of small businesses and startups in mind, McMorris Rogers said. The cost of implementing certain privacy regulations can be extreme, as seen with Europe’s General Data Protection Regulation.
In order to be effective in that goal, Congress must first define what counts as a small business, Schakowsky said, pointing out that a company’s number of employees and the amount of data that it collects is often uncorrelated.
Federal privacy regulation should be especially strict on “shocking” geolocation services and strengthen the Children’s Online Privacy Protection Act in keeping with the development of smart toys, said Schakowsky.
It should also require terms of service to provide consumers with a real choice and use clear and standardized language, she said, suggesting that something similar to nutrition labels be placed on websites. McMorris Rogers agreed, saying that “transparency is what is going to empower consumers.”
The representatives also discussed the $5 billion fine recently levied on Facebook for privacy violations. Schakowsky called the punishment “insufficient,” especially when compared to the tens of billions of dollars that the platform makes each year.
McMorris Rogers did not say whether or not she supported the fine, but she noted that it was more than twice the maximum penalty that would be allowed under GDPR, which is generally seen as the world’s toughest privacy regulation.
(Photo of event by Emily McPhie.)