By Alexandra Kelley, Staff Correspondent, Nextgov
A team of bipartisan lawmakers unveiled new data privacy legislation that stands to finally implement a federal set of regulations to protect Americans’ online information.
Led by Reps. Frank Pallone, D-N.J., and Cathy McMorris Rodgers, R-Wash., as well as Sen. Roger Wicker, R-Miss., the bill, titled the American Data Privacy and Protection Act, has an exhaustive list of definitions that work to give online users power over how their data is accessed and shared by host platforms and third-party data brokers.
“This bipartisan and bicameral effort to produce a comprehensive data privacy framework has been years in the making, and the release of this discussion draft represents a critical milestone,” the lawmakers said in prepared remarks. “In the coming weeks, we will be working with our colleagues on both sides of the aisle to build support and finalize this standard to give Americans more control over their personal data. This landmark agreement represents the sum of years of good faith efforts by us, other Members, and numerous stakeholders as we work together to provide American consumers with comprehensive data privacy protections.”
Should the bill become law, it would mandate corporate governing bodies of online platforms that harbor user data, in order to limit such bodies collecting that data and require them to specifically ask permission to access data in digestible language.
It also stipulates targeted advertising should be optional for online users and consumers and expands protections particularly for children and minors.
The Federal Trade Commission would be tasked with enforcing these new privacy requirements.
“This bill strikes a meaningful balance on issues that are critical to moving comprehensive data privacy legislation through Congress, including the development of a uniform, national data privacy framework, the creation of a robust set of consumers’ data privacy rights, and appropriate enforcement mechanisms,” the lawmakers continued. “We believe strongly that this standard represents the best opportunity to pass a federal data privacy law in decades, and we look forward to continuing to work together to get this bill finalized and signed into law soon.”
Taking a page out of the European Union’s playbook, The American Data Privacy and Protection Act would also request the FTC conduct deeper studies on how younger technology start-ups can thrive in the current digital ecosystem.
Dispute data privacy and security being a new frontier for domestic and national security, the U.S. lacks a federal data privacy and protection law. Other lawmakers have previously introduced a bevy of bills aimed at expanding protections for U.S. online consumers to better understand how algorithms track and collect user data to curate content.
Knowing about applicable data privacy laws and their requirements is the first step toward complying with them — a practice that is often referred to as cybersecurity compliance. Complying with cybersecurity laws, regulations, and standards is good business sense. Besides reducing the risk of incurring a data breach or another type of cyberattack, it strengthens a company’s reputation of being able to protect its customers’ data and their privacy.
Contact Xantrion, we can help your business implement the systems and controls needed to adhere to one or more cybersecurity-related laws, regulations, or standards.