The U.S. Chamber of Commerce (the “Chamber”) recently hosted a data privacy summit, “#DataDoneRight”, which brought together a group of industry professionals, government stakeholders, and privacy thought leaders to talk about data privacy.

The Chamber, which has proposed federal privacy legislation, engaged a wide variety of speakers, covering multiple viewpoints, to demonstrate the need for a comprehensive and fair federal privacy law:

  • Alastair Mactaggart, the primary architect of the California Consumer Privacy Act (CCPA), explained his efforts to pass that law, including his negotiations with California legislators.  Mactaggart expects that the CCPA would be a floor for any federal privacy law both because he claims consumers demand it and because the significant numbers of federal legislators from California (who comprise 20 percent of the House Democratic caucus alone) would not approve of any law that undercut the consumer rights granted by the CCPA.  Mactaggart likened privacy to auto safety and emissions and tobacco use, all areas where public sentiment required regulatory change and consequent industry changes.
  • FTC Commissioner Noah Phillips – speaking for himself, not officially for the FTC – strongly supports a comprehensive federal privacy law, with clear rules of the road from Congress.  Although he believes the FTC is the appropriate authority for enforcement due to its years of privacy expertise, Commissioner Phillips hopes for only limited need for FTC rulemaking.  The commissioner also expressed his support for a privacy law focused on avoiding actual consumer harms. He spoke against a private right of action and for gradual, calibrated penalties that would not stifle innovation, and perhaps even a system where violators are offered the opportunity to cure deficiencies before regulatory action occurs.
  • Congresswoman Cathy McMorris Rodgers (R-Wa) advocated for a similar structure.  She supports federal legislation, especially to avoid the negative effects that a patchwork of separate state privacy laws would have on small business and innovation, but believes Europe’s General Data Protection Regulation was the “wrong approach.”  The congresswoman does not think a private right of action would benefit consumers – just attorneys – and highlighted a number of benefits that businesses’ use of data provides consumers, including time saving, more efficient and improved customer service, and targeted loyalty programs.  She believes that data privacy is an issue where Congress can bridge partisan divides, but recognized that might be difficult with the current domination of the media by presidential politics.
  • Georgia Attorney General Chris Carr concurs with Commissioner Phillips and Congresswoman McMorris Rodgers.  AG Carr emphasized his state’s pro-business practices, noting that Georgia was voted the best state to do business in for six years in a row.  That said, he also made it clear that being pro-business does not mean being anti-consumer.  A state can support business while still having effective consumer protection.  AG Carr suggested that, in the absence of necessary federal action, state governments would fill the void, creating a patchwork of state data privacy laws and leading to confusion in the business community.

As “#DataDoneRight” made clear, privacy remains a priority for legislators, regulators, industry, and consumer advocates.  Although the diverse group assembled by the Chamber was unable to agree on when we might see a federal privacy law, they all agreed on the necessity of it. Without such law, however, industry will need to be prepared for the current patchwork, because states will continue to fill the gaps created by congressional inaction.