TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | Notes from the IAPP Publications Editor, July 27, 2018 Related reading: A view from DC: Should ChatGPT slow down?


Greetings from Portsmouth, NH!

A couple weeks back I discussed some of the implications of the newly passed California Consumer Privacy Act of 2018. Will states use it as a template for their own privacy-protective regulation? Will the CCPA finally scare Washington enough to pass a baseline federal privacy law?

So far, we haven’t seen states take from the template, but big news came out Friday that the White House, particularly the Commerce Department, has been engaged in talks with industry and consumer advocates on a potential privacy blueprint. The mere mention of the word “blueprint” immediately reminds me of a former White House effort to get a federal privacy standard out there. Of course, that was during the Obama administration, which seems like decades ago at this point, and it died on the virtual vine.

Like its predecessor, this new principles-based blueprint would then set the table for Congress to create legislation. White House Deputy Press Secretary Lindsay Walters said the administration “aims to craft a consumer privacy protection policy that is the appropriate balance of privacy and prosperity,” and that they “look forward to working with Congress on a legislative solution consistent with our overarching policy.”

Clearly, a lot of work has already been done. According to the National Telecommunications and Information Administration, the White House has so far held 22 meetings with more than 80 companies, trade associations and consumer groups in the last month alone. One official told The Washington Post’s Tony Romm that recent developments “have been seismic in the privacy policy world.” I can think of at least three “seismic” events in recent months: the implementation in the EU of the General Data Protection Regulation, passage of the CCPA, and the Facebook-Cambridge Analytica revelations.

Commerce Secretary Wilbur Ross has been clear in his disagreement with the GDPR’s provisions, so it’s safe to say this framework will not be at the GDPR’s level, to no one’s surprise, really. Likewise, the U.S. Chamber of Commerce looks to tamp down prospective lawsuits for privacy violations, and, perhaps most importantly, wants a law that would preempt any state law — yes, they’re looking at you, CCPA.

The government’s goal is to release this blueprint by September, but by then, midterm election campaigns will be in full effect (and who knows where we’ll be with the Mueller investigation?), so it’s tough to say with any certainty how things will progress. At least something is happening at a federal level. Will this framework be enough to quell concerns from the EU about its agreement with the U.S. via Privacy Shield? Don’t forget, the second annual review will be conducted this fall. And the clock is ticking: the CCPA is set to go into effect at the start of 2020.

Though this blueprint may face the same fate as its predecessor, the privacy landscape and political ecosystem is much different now. Either way, buckle up, it’s going to be an action-packed autumn.


If you want to comment on this post, you need to login.