TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | A view from DC: Reflections on federal privacy legislation, the Dobbs ruling, FTC rulemaking and more Related reading: A view from DC: A look at the updated American Data Protection and Privacy Act

rss_feed
GDPR-Ready_300x250-Ad

Policymaker attention. It is the dream of the policy wonk. It is the nightmare of the policy wonk.

Attention and relevancy to the national discourse can take a focused beam of policy ideas and pass it through political prisms, fracturing the conversation into disconnected sound bites. For example, what is a “strong” privacy law? Is it substantive provisions that guide organizations toward better data protection practices? Is it a broad scope? Is it robust accountability and enforcement mechanisms? Is it compatibility with other frameworks? All of the above?

There is plenty of room for debating the merits of the American Data Privacy and Protection Act and other currently proposed federal privacy bills. This week, The Washington Post reported on the reactions, and the reactions to the reactions, among Congressional leadership, civil society, and industry to the current bill and other circulating drafts (including, apparently, an updated draft of Sen. Maria Cantwell’s, D-Wash., Consumer Privacy Rights Act bill).

As Tisch Distinguished Visiting Fellow, Center for Technology Innovation Governance Studies Cameron Kerry wrote last week for the Brookings TechTank blog, substantial and remarkable progress has been made in resolving those “endgame issues” requiring political compromise. In his insightful piece, Kerry outlines a “narrowing” path forward to full agreement, along the remaining key issues of: (1) boundaries on collection, use, and transfer of personal information, (2) duty of loyalty, (3) private right of action (particularly disagreement about arbitration), and (4) covered entities.

Markups in the House and Senate are expected in July. Whether these next important steps can build on the fragile consensus, without being diverted by shifting attentions, will have a determinative impact on the outcome later this year.

Here's what else I’m tracking:

  • The release of the final Dobbs decision, removing national protections for access to safe abortions, has sparked a flurry of thoughtful commentary on its impact on foundational understandings of privacy and autonomy in the U.S.
    • Writing in Slate, professor Danielle Citron called for a new civil right to privacy, spelling out why legislative reforms are needed: “There is already a bounty on everyone’s intimate privacy.”
    • The New Yorker published an eye-opening comment on the trends toward tracking and criminalizing pregnancy, facilitated through the collection and dissemination of personal data.
    • Cyberlaw Clinic’s Kendra Albert wrote a nuanced explainer of the types of data most likely to be used by those seeking to prosecute abortions — and why period tracking applications are not the issue. Instead, Albert concludes that “the primary digital threat for people who take abortion pills is the actual evidence of intention stored on your phone, in the form of texts, emails, and search/web history.”
  • The U.S. Department of Health and Human Services released guidance on the Health Insurance Portability and Accountability Act Privacy Rule and disclosures of information relating to reproductive health care. Among other clarifications, the guidance states: “Where state law does not expressly require such reporting, the Privacy Rule would not permit a disclosure to law enforcement under the ‘required by law’ permission.”
  • The Federal Trade Commission should not wait for Congress to proceed with a privacy rulemaking. So writes Mark MacCarthy for the Brookings TechTank blog: “The agency should not wait to see what Congress does. Even with the streamlined Section 18 procedures, it will be difficult for the agency to complete a substantively and procedurally defensible privacy rulemaking before the end of this Administration. Moreover, the reality of an FTC privacy rulemaking might encourage some legislators to accept a legislative compromise rather than leave the policy decisions to the agency, making a new national privacy law more likely.”

Under scrutiny

  • Broad law enforcement keyword warrants are being challenged in an amicus brief filed by the Fourth Amendment Center at the National Association of Criminal Defense Lawyers and signed by the Electronic Frontier Foundation. As Forbes reports, “unlike most search warrants, keyword searches don’t target a specific person or property. Instead, they could potentially hand law enforcement data on dozens, hundreds or even thousands of people unrelated to the case at hand.”
  • AI hype does not match reality and is due for a reset according to a Wall Street Journal report.
  • Robocalls are the subject of an exhaustive report by EPIC and the National Consumer Law Center, with recommendations for regulatory solutions that could curb the problem.

Please send feedback, updates and policy dreams to cobun@iapp.org.  


Approved
CDPO, CDPO/BR, CDPO/FR, CIPM, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT, LGPD
Credits: 1

Submit for CPEs

Comments

If you want to comment on this post, you need to login.