Republicans and Democrats Introduce Bills to Improve Consumer Privacy Protections
In the absence of a federal privacy law, it is left to individual states to introduce consumer privacy laws and ensure that companies that collect, process, and sell personal data are adequately protecting that information. While attempts to pass a federal data privacy bill have stalled, Republican and Democratic lawmakers are continuing to push for greater privacy protections for consumers.
Congresswoman Anna Paulina Luna Introduces U.S. Data on U.S. Soil Act
Congresswoman Anna Paulina Luna (R-FL) recently introduced the U.S. Data on U.S. Soil Act, to protect the data security of Americans and prevent their personal information from being exploited by foreign adversaries. It is no secret that foreign countries are attempting to collect and use the personal data of U.S. citizens. In March 2023, the House Committee on Energy and Commerce explored the role that social media, and specifically TikTok, plays in data collection and how the Chinese Communist Party has access to the data of U.S. citizens that is collected by TikTok, through TikTiok’s parent company, ByteDance.
The European Union has a comprehensive data privacy and protection law, the General Data Protection Regulation (GDPR), which protects the rights of individuals and limits the data that can be collected and used by companies such as TikTok, but there is currently no comparable federal privacy and data protection law in the United States, only a patchwork of laws introduced by individual states.
“Americans daily face the threat of exposing their personal data to bad-actor countries who are looking for a chance to exploit us, simply by opening our phones,” said Luna. “The protections in my bill are long overdue. A military leader would never hand over his tactics and intelligence to the enemy on a silver platter, and neither should we. My bill would make sure our adversaries can’t have a free-for-all with our personal lives, national security, and strength as a country.”
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The U.S. Data on U.S. Soil Act seeks to prohibit companies such as TikTok from storing the data of any U.S. national in a physical data center that is located within a foreign adversary, including China, Cuba, Iran, North Korea, Russia, and Venezuela. The bill also seeks to prevent government officials in foreign adversary countries from accessing covered data. The bill would set a national minimum standard for data privacy and would not pre-empt state law, ensuring that individual states could implement more stringent data privacy protections. The bill would seek penalties of $50,120 per violation under the Unfair or Deceptive Act under the Federal Trade Commission Act. The bill, which currently has no companion Senate bill, was co-sponsored by Reps. Mary Miller (R-IL), Ralph Norman (R-SC), and George Santos (R-NY)
Democratic Senator Reintroduces Three Data Privacy Bills
U.S. Sen. Catherine Cortez Masto (D-NV) has recently reintroduced three bills that aim at strengthening consumer data privacy protections. The first bill, The DATA Privacy Act, is concerned with improving privacy protections for consumers and ensuring that large tech firms implement data security and privacy protections. The bill would give consumers the right to request, dispute the accuracy, and transfer or delete their personal data without retribution. All data collection, processing, storage, and disclosure would require three standards to be met:
- The data collected must be reasonable, and for a legitimate business or operational purpose that is contextual and does not subject an individual to unreasonable privacy risk.
- The data must not be used in a discriminatory way.
- And businesses must not engage in deceptive data practices.
The DATA Privacy Act would give new authority to state Attorneys General and the Federal Trade Commission (FTC) to impose civil penalties for violations.
Sen Cortez Mastro, along with Sen. Deb Fischer (R-Neb.), reintroduced The Promoting Digital Privacy Technologies Act, which requires the National Science Foundation (NSF) to support research into privacy-enhancing technologies (PET) to help protect consumer data. The bill also calls for the National Institute of Standards and Technology (NIST) to work with academic, public, and private sectors to establish standards for the integration of PET into business and government.
The third bill, like the U.S. Data on U.S. Soil Act, takes aim at the collection, access, and use of consumer data by foreign adversaries, specifically China. The Internet App ID Act aims to improve the digital security of Americans by requiring operators of Internet websites and mobile applications to disclose if the applications being used by consumers have been developed or store data within China, or are under the control of the Chinese Communist Party.
“Big technology companies are collecting massive amounts of Americans’ personal information, from social security numbers to health care data. It’s clear we need stronger privacy laws to make sure this information isn’t shared or sold without consumers’ permission,” said Sen. Cortez Masto. “My bills will hold corporations and foreign actors accountable, protect the data privacy of vulnerable consumers, and ensure that our emerging AI and other innovative technology industries grow responsibly.”
