Greetings from Portsmouth, NH!
A couple weeks back I discussed some of the implications of the newly passed California Consumer Privacy Act of 2018. Will states use it as a template for their own privacy-protective regulation? Will CaCPA finally scare Washington enough to pass a baseline federal privacy law?
So far, we haven’t seen states take from the template, but big news came out Friday that the White House, particularly the Commerce Department, has been engaged in talks with industry and consumer advocates on a potential privacy blueprint. The mere mention of the word “blueprint” immediately reminds me of a former White House effort to get a federal privacy standard out there. Of course, that was during the Obama administration, which seems like decades ago at this point, and it died on the virtual vine.
Like its predecessor, this new principles-based blueprint would then set the table for Congress to create legislation. White House Deputy Press Secretary Lindsay Walters said the administration “aims to craft a consumer privacy protection policy that is the appropriate balance of privacy and prosperity,” and that they “look forward to working with Congress on a legislative solution consistent with our overarching policy.”
Commerce Secretary Wilbur Ross has been clear in his disagreement with the GDPR’s provisions, so it’s safe to say this framework will not be at the GDPR’s level, to no one’s surprise, really. Likewise, the U.S. Chamber of Commerce looks to tamp down prospective lawsuits for privacy violations, and, perhaps most importantly, wants a law that would preempt any state law — yes, they’re looking at you, CaCPA.
The government’s goal is to release this blueprint by September, but by then, midterm election campaigns will be in full effect (and who knows where we’ll be with the Mueller investigation?), so it’s tough to say with any certainty how things will progress. At least something is happening at a federal level. Will this framework be enough to quell concerns from the EU about its agreement with the U.S. via Privacy Shield? Don’t forget, the second annual review will be conducted this fall. And the clock is ticking: CaCPA is set to go into effect at the start of 2020.
Though this blueprint may face the same fate as its predecessor, the privacy landscape and political ecosystem is much different now. Either way, buckle up, it’s going to be an action-packed autumn.
If you want to comment on this post, you need to login.