Connect with us

Hi, what are you looking for?



US Lawmakers Kick Off Debate Over Online Privacy

US lawmakers opened a debate Tuesday over privacy legislation in the first step by Congress toward regulation addressing a series of troublesome data protection abuses by tech firms.

US lawmakers opened a debate Tuesday over privacy legislation in the first step by Congress toward regulation addressing a series of troublesome data protection abuses by tech firms.

Most companies have said they would accept new federal legislation in the wake of bombshell revelations about Facebook and other online platforms’ mishandling of users’ personal data.

Lawmakers face several key choices, including whether to adopt the model in the European Union’s data protection rules, and whether to pre-empt the strict privacy rules adopted by California.

A House of Representatives committee hearing on Tuesday is to be followed by a Senate panel Wednesday where industry and interest groups will make recommendations on US legislation.

Legislators are likely to find broad agreement on the need for greater transparency regarding the collection and sharing of data, and on tougher enforcement for violations.

Beyond that, sharp differences exist on how tightly tech firms should be reined in.

“A federal law must include basic rights for individuals to access, correct, delete and port their personal data,” said Nuala O’Connor, president of the Center for Democracy and Technology, a digital rights group, in testimony prepared for the House Energy and Commerce panel.

O’Connor said any bill must also enshrine the right to know how and with whom personal data is shared, and go beyond the confusing “notice and consent” currently offered by many internet firms.

Advertisement. Scroll to continue reading.

Roslyn Layton, a visiting scholar at the American Enterprise Institute, said the US should steer clear of Europe’s General Data Protection Regulation (GDPR) model, claiming that it created complex compliance mechanisms that benefit the largest online firms.

“To do business in the EU today, the average firm of 500 employees must spend about $3 million to comply with the GDPR,” Layton said in her prepared remarks. “Thousands of US firms have decided it is not worthwhile and have exited.”

Layton said GDPR has done little to increase trust in the online ecosystem or help consumers better understand how their data is used.

“The US does not need to copy the European Union on data protection,” she said. “It can fundamentally improve on the GDPR by making a policy that actually works — promoting privacy without destroying prosperity.”

– Ad targeting in focus –

Dave Grimaldi, executive vice president of the Interactive Advertising Bureau, cautioned against legislation that would ban any form of targeted online marketing.

Grimaldi said that in Europe, “programmatic advertising,” the most common ad system used by online platforms, has dropped between 25 and 40 percent following the implementation of GDPR.

“The GDPR has also directly led to consumers losing access to online resources, with more than 1,000 US-based publishers blocking European consumers from access to online material in part because of the inability to profitably run advertising,” he said in his testimony.

“Congress should look to a new paradigm for digital privacy that will not threaten the goods and services that consumers seek on the internet.”

The Electronic Frontier Foundation said in a statement that Congress should designate large internet firms as “information fiduciaries” in charge of protecting user data and giving consumers a right to sue for breaches.

“Laws that impose legal duties on large technology companies that monetize consumer data, coupled with strong enforcement such as a private right of action, will give users back control,” EFF’s India McKinney and Katharine Trendacosta wrote.

Wednesday’s hearing is to be chaired by Senator Roger Wicker of the Commerce Committee, who was criticized for failing to include consumer groups in the session.

Wicker said in a statement he is seeking “to develop a federal privacy standard to protect consumers without stifling innovation, investment, or competition.”

The two hearings are part of a process expected to result in bills drafted in both chambers, which could face hurdles in winning passage and reconciliation, if separate bills differ.

Written By

AFP 2023

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights