TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | 2021 ‘best chance’ for US privacy legislation Related reading: Consolidating US privacy legislation: The SAFE DATA Act



Future of Privacy Forum Senior Fellow Peter Swire, CIPP/US, has been working in privacy’s legislative landscape since the late 1990s, when he served as chief counselor for privacy under President Bill Clinton. Today, he believes the U.S. is on the cusp of passing comprehensive federal privacy legislation.

“This new Congress has the best chance for comprehensive federal legislation that I’ve ever seen,” he said.

Swire and other members of the Future of Privacy Forum recently presented a look toward 2021, sharing their expectations on what the Biden administration, Federal Trade Commission and states will accomplish on privacy in the coming year.

Political landscape

Former Vice President Joe Biden’s election as president and Democratic control of the House suggests there is potential to see legislation similar to packages considered over the past year, particularly as the political parties narrowed in their differences on those proposals, Swire said. Sens. Roger Wicker, R-Miss., and Maria Cantwell, D-Wash., each proposed legislation — the American Framework to Ensure Data Access, Transparency, and Accountability Act and the Consumer Online Privacy Rights Act, respectively. 

“Something like last year’s bills might have a chance because Republicans and Democrats have come to agreement on so many of the provisions,” he said. “If Congress wants to do something in the next two years, they can do it here on privacy. This is a rare bipartisan opportunity and so we could really see comprehensive privacy legislation pass in the new Congress.”

FPF CEO Jules Polonetsky, CIPP/US, noted that many Biden appointees or members of the transition team have been steeped in the legislative process around data protection.

“There’s not a huge learning curve. Folks who were involved in the Consumer Privacy Bill of Rights that Obama did or who were part of the negotiations around the Privacy Shield are prominent among the current or likely appointees,” he said. “So, although there is going to be a big deluge of competing issues, we seem to have likely a collection of people who are in a position to walk in and pick up from where things left off.”

In addition to political parties nearing consensus on federal legislation, the business industry has reasons to support it, as well, key among them is last summer's "Schrems II" decision and ongoing discussions with Europe on transborder data flows, Swire said.

“This situation is the biggest risk I’ve ever seen to data flows being cut off from Europe to the United States,” he said. “Passing a commercial privacy law would help the atmosphere considerably as negotiations go forward with Europe.”

State action will increase federal momentum

Legislative action in California is also an inspiration, Swire said. Companies have already taken steps to comply with the California Consumer Privacy Act, as new legislation, the California Privacy Rights Act, passed in November and could change requirements.

“With the fight in Europe and the possible new round of requirements from California, industry is looking to a federal law to help create some kind of a path to having ways to comply nationally with these issues,” Swire said.

It’s also worth pointing out, Polonetsky said, that parties have reached consensus on issues that were key points of debate years ago, like access, deletion and portability. Today, these components have been implemented within the CCPA and the EU General Data Protection Regulation, and they are in Democratic and Republican federal legislative proposals.

“So much peace has been made with what were for years table stake issues,” he said. “Not that there aren’t still complexities to work out, but it’s worth noting how things moved.”

While many states considering comprehensive privacy legislation paused discussions in light of COVID-19, FPF Senior Counsel Stacy Gray, CIPP/US, said when legislative sessions begin again privacy is expected “to come back in full force” and a lot of states are anticipated “to be considering complex privacy laws.”

Washington is expected to see a third iteration of the Washington Privacy Act. A version of the proposal narrowly failed in the House last year, but Gray said it might be more likely to pass following changes in the makeup of the House in November.

“If the WaPA passes that will likely influence other states interested in passing similar protections for their own residents and will also create another major, slightly different model from California and will significantly increase the momentum toward a federal privacy law,” she said.

Privacy movement internationally

Privacy will continue to be a focus in countries around the world in 2021, FPF Vice President of Policy John Verdi said.

China is expected to pass comprehensive legislation, “some might even say a GDPR-inspired law,” he said. India is “very close” to adopting “sweeping data protection reform which owes much to Europe’s GDPR.” In Canada, legislation has been tabled to update the country’s federal privacy legislation, the Personal Information and Electronic Documents Act, and Brazil has passed the General Data Protection Law.

“The largest markets in the world are moving toward comprehensive data protection laws based on various models, and I think it’s no surprise lawmakers on Capitol Hill are pursuing comprehensive privacy and data protection efforts,” Verdi said.

Photo by Kelly Sikkema on Unsplash

US Government Guide to Global Sharing of Personal Information, 3rd Ed.

The guide is intended for lawyers, privacy professionals and individuals who wish to understand U.S. practice for sharing personal information across borders. The third edition contains new agreements, including the U.S.-U.K. Cloud Act Agreement, EU-U.S. Umbrella Agreement, United States-Mexico-Canada Agreement, and EU-U.S. Privacy Shield framework.

Print version | Digital version

State Comprehensive-Privacy Law Comparison

The IAPP Westin Research Center compiled this updating tracker of proposed and enacted comprehensive privacy bills from across the country to aid our members’ efforts to stay abreast of the changing state-privacy landscape.

View here

Frequently Asked Questions & Resources on ‘Schrems II’

The IAPP is publishing these frequently asked questions and links to relevant resources from government authorities and privacy practitioners as a resource for privacy professionals working to respond to this significant court decision.

Click to view

Credits: 1

Submit for CPEs


If you want to comment on this post, you need to login.