Privacy advocates and industry groups are urging lawmakers to get a bipartisan federal data privacy bill passed soon: either early in the new Congress or even in the remaining weeks of the lame-duck session.
The prospects for passage, however, are clouded, especially in the lame-duck session, by the opposition of House Speaker Nancy Pelosi, D-Calif. Pelosi said last week that she would not seek a leadership post in the next Congress.
“There’s kind of two areas of focus right now,” said Alexandra Reeve Givens, CEO of the Center for Democracy and Technology. “One is whether the House might take it up and pass it during the lame duck.”
“The second question is if it doesn’t pass this year and comes back next year, I think many of us across the consumer community and businesses are hoping that it can be taken up early in the new year and taken up as passed out of committee,” Givens said in an interview.
The nonprofit entity advocates for technology policies that preserve people’s rights.
An industry executive said top tech companies were urging lawmakers who have championed the measure to get the bill through both chambers in the remaining weeks of the current Congress. Lawmakers are out for Thanksgiving recess and will resume legislative business next week, leaving only four weeks until Christmas.
The data privacy measure won broad support in the House Energy and Commerce Committee, which voted 53-2 in July to favorably report the legislation to the House.
The bill would establish a national standard for data privacy. In addition to giving users the right to opt out of data collection and limiting data collection by companies, the measure also would require large social media companies to know whether and how their platforms target kids under the age of 17, allow individuals to sue the companies, and allow state attorneys general to enforce the law.
The bill was backed by Rep. Frank Pallone Jr., the current chairman of the House Energy and Commerce Committee, as well as committee’s top Republican Rep. Cathy McMorris Rodgers, R-Wash., who is expected to become the chair when Republicans take the majority in January.
The bill also has the backing of Sen. Roger Wicker, R-Miss., the top Republican on the Senate Commerce Committee. Pallone has said that Wicker’s support was critical to moving the legislation forward. But Senate Commerce Chair Maria Cantwell, D-Wash., has yet to say whether she supports the bill, another potential hurdle to passage.
The bill would apply to any company that collects data about its customers, including tech and social media giants, retailers, online marketplaces and even restaurants. Companies that are covered by legislation specific to their industry such as banks, insurers and health care groups, would be exempt.
One congressional aide said the bill remained a top priority for Pallone as the clock ticks down on the current session.
“As long as the sponsors of the bill are working for its passage, BSA will be working with them to help achieve that goal,” Craig Albright, vice president of government relations at BSA The Software Alliance said in an email. The group represents some of the world’s largest makers of software, including Microsoft, Intel, IBM, Salesforce and others.
Cantwell’s position on the data privacy bill is uncertain, but she is urging Senate passage of two related measures, her spokesperson said in a statement.
The bills were approved by Senate Commerce in July. Sens. Richard Blumenthal, D-Conn., and Marsha Blackburn, R-Tenn., also support both measures. The bills aim to protect teens and minors by giving parents greater control over the online presence of children, and would restrict online data collection on children by website operators and others unless they meet certain criteria.
While Congress for years debated and struggled to come up with a compromise on data privacy, countries as big as China and as small as Armenia, along with the European Union and a handful of U.S. states including California, enacted privacy laws. Colorado, Connecticut, Utah, Virginia and others have passed privacy laws. Five other states are considering similar measures.
Federal preemption issue
Pelosi’s objection stems at least in part from California’s law. The bill “does not guarantee the same essential consumer protections as California’s existing privacy laws,” she said in September.
The federal bill would preempt state laws — a key demand of the tech industry. But along with Pelosi, Democrats including Rep. Anna G. Eshoo, D-Calif., Cantwell, and Sen. Brian Schatz, D-Hawaii, have said the federal measure isn’t as strict on tech and data companies as some state laws. They want a federal bill that’s tougher or that lets states set their own, higher bars.
As the House Energy and Commerce Committee was considering the measure, a group of 10 state attorneys general led by Rob Bonta of California wrote to lawmakers saying the federal bill should create a “floor, not a ceiling,” and asked that Congress allow states to set higher standards.
But several Republican lawmakers oppose allowing states to set standards that exceed what is in the federal measure.
Privacy advocates and civil rights groups have urged Pelosi to allow the House to take up the measure because it would “enshrine national protections for civil rights,” Givens said.
The federal measure would prohibit tech companies from using data that discriminates against people on the basis of race, religion, sex, disability or national origin, whereas the California measure is silent on that aspect of data use, according to a comparison by the Electronic Privacy Information Center. That silence has led some advocates to see the federal legislation as tougher in some ways.
Holding up the federal bill to satisfy California is “deeply unfair to all of the other people around the rest of the country who don’t get the benefit of state protections,” Givens said.
If the bill doesn’t pass in the lame-duck session the “question will be whether Republicans who have supported the bill are willing to kind of keep up the momentum from last Congress and just allow the bill to be reintroduced without editing it,” Givens said.
Henry Kenyon contributed to this report.
The post Advocates, industry push data privacy bill in lame-duck session appeared first on Roll Call.