TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | Notes from the IAPP, May 7, 2021 Related reading: Notes from the IAPP, April 30, 2021



Greetings from Newfields, New Hampshire!

My interest and attention paid to the U.S. state privacy law landscape since the turn of the calendar have yet to waver — and for good reason. There's been so much to cover and much left to track as state legislatures still in session continue to work on potential legislation.

But after my experience covering the wild ride that was Florida's efforts to pass a privacy law, I took a step back to consider the bigger picture. Developments out of Florida and Washington state in recent weeks can be called progress or failures, depending on whom you ask, but both scenarios leave folks to wonder whether a near-pass moves the needle toward a federal privacy law. What we fail to consider is how these shortcomings may actually be moving the goalposts back on achieving federal law.

Aside from California and Virginia — the latter being considered an anomaly by some in the privacy space — no state has been able to devise passable legislation due to one issue or another. Why do we assume the U.S. Congress interprets these misses as reasons to remain vigilant and ready to respond?

Federal lawmakers have been given no reason to act with urgency, and every passing failure by a state legislature only dials back any willingness or priority given to answer any sort of growing state patchwork. There's no shortage of topics the federal government is trying to address and tackle these days, so the issue of properly regulating data privacy has to be pushed to the forefront somehow.

State lawmakers can't continue to think "well, we tried" will be enough to fuel claims — made by several state lawmakers during 2021 legislative sessions — that privacy legislation is only a federal-level matter. This needs to be proven first by passing a law, which may bring a win-win scenario: One win is passing legislation that successfully protects citizens and holds companies accountable; the other is passing differing laws that will almost assuredly pressure Congress to preempt and create a unified standard.

The moral of the story here is that action needs to speak louder than words when striving for a federal privacy law, but that action must go beyond effort alone. Regulating in the data privacy space at the state or federal level will unquestionably require results.


If you want to comment on this post, you need to login.