Although we’ve seen most privacy activity happening at the state level, things have been heating up nationally. Right now, businesses have a unique opportunity to help shape the future of federal legislation.
The new Congress has made privacy a priority for this session, with the House Committee on Energy and Commerce forming a privacy working group to explore the topic. As they consider a comprehensive privacy law for the nation, they have issued a request for information (RFI) seeking input from the public.
This RFI process is a rare chance for stakeholders to provide their insights on comprehensive privacy laws. It’s an opportunity for those interested in and impacted by a national privacy law to help Congress understand what should be included and what should be avoided.
The RFI covers a wide range of questions, making it one of the most comprehensive in recent times. Just some of the important issues addressed include:
- How should a federal privacy law account for different roles in the digital economy, such as the differences between controllers and processors, and various technology vendors or suppliers?
- What consumer protections should be included, taking into consideration common protections seen in state privacy laws?
- What distinctions should be made between personal information and sensitive personal information? What should be classified as sensitive information?
- What has been the impact of fragmented state privacy laws, including costs imposed on businesses and the uneven consumer protections that result?
- To what degree should federal law preempt state laws?
- How should enforcement be managed? State comprehensive privacy laws generally do not include private rights of action for enforcement, focusing instead on regulator enforcement. The RFI seeks opinions on the benefits and costs of having a national privacy law enforced solely by regulators.
Previous efforts to pass a comprehensive federal privacy law have been hindered by issues of preemption and enforcement. If you’re interested in shaping a national privacy law, now is the time to respond to the RFI and provide your feedback to Congress.
Responses to the RFI are due by April 7th and should be sent to [email protected]. Comments should be kept to 3,500 words or less and submitted as a Word document or PDF. View the full RFI on the House Committee on Energy and Commerce website.
Questions on providing your feedback? We can help.
A Partner at M&S, Josh advises clients on a range of proactive and responsive matters, helping them achieve their business goals while complying with federal and state privacy and other consumer protection laws.