This week both the House and Senate held hearings kicking off the legislative process for federal privacy legislation. Legislators from both parties voiced support for comprehensive and bipartisan legislation. Most of the witnesses were representatives of industry associations, joined by privacy advocates and one professor.
As suggested in our recent preview report, the central points of discussion included: (i) the extent to which the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) should serve as models or cautionary tales; (ii) the appropriate scope of federal preemption of state privacy requirements; (iii) possible limits on the collection, use and sharing of certain kinds of highly sensitive information; (iv) rights that consumers and other individuals whose personal information is handled should have to control those activities; (v) whether smaller companies and startups should receive special treatment; and (vi) expanded enforcement powers for the Federal Trade Commission (FTC).
Summaries of each of the hearings, along with links to witness statements, transcripts, and model bills that were considered, can be found in our recent Privacy and Data Security alert titled "Congressional Committees Hold Hearings on Federal Privacy Legislation."