With a burdensome new rule in Europe, a precedent-setting law just passed in California, and rising concerns among the public, data privacy is quickly becoming a hot topic. The U.S. Chamber of Commerce is offering guidelines that will lead to smart, effective, and thoughtful solutions to this complex and challenging issue.
At the federal level, the Chamber is developing privacy principles and ultimately a legislative proposal that could be considered by Congress to prevent a patchwork of state rules that would pose a nightmare for businesses that operate across state lines. In today’s interconnected world, data know no boundaries and require a federal framework.
A case in point is California’s recently passed Consumer Right to Privacy Act of 2018. It imposes disclosure requirements on businesses that disseminate “personal data” – a term so broadly defined to include a consumer’s name, address, and purchasing history – for business purposes and requires that consumers be able to opt out of having their personal data sold. Companies not in compliance could face lawsuits with mandatory penalties including if personal data are released as a result of a data breach. This law is just the tip of the iceberg of what’s happening throughout the 50 states.
The Chamber is not only concerned about a patchwork of state laws in our country, but a patchwork of international requirements that present similar challenges for businesses operating around the world. We’re sharing our concerns about the European Union’s new General Data Protection Regulation. Those concerns include equal and fair enforcement, liability exposure, and the impact on cross-border data flows.
More broadly, we are urging governments around the world to foster policies that are streamlined, risk based, and engage stakeholders as partners, not adversaries. Policies should encourage cross-border data flows over data localization, which does little to protect privacy while making data more vulnerable and discouraging foreign investment. And policies should focus on long-term growth over short-term gains that may be achieved by limiting data flows and other practices that undermine competition.
The Chamber is also working to prevent data privacy from becoming a lawsuit bonanza for the trial bar. As the size and frequency of cyberattacks increase, more and more consumers are exposed, and conflicting and complex federal and state laws create confusion, the risk and potential liabilities become staggering. Ultimately, it’s consumers who will pay the bill.
If we’re smart and careful, we can protect privacy without causing undue burdens on businesses or restraining economic growth. That’s our goal at the Chamber.