US Senator Maria Cantwell (D-WA) and US Representative Cathy McMorris Rodgers (R-WA) jointly announced on Sunday a plan for draft legislation aimed at setting a national standard for data privacy and security. The legislation, known as the American Privacy Rights Act, aims to provide a widespread, federal approach to data regulation rather than allowing the current fragmented system of individual state laws.
The proposed American Privacy Rights Act would enforce restrictions on data companies involving consumer data collection, usage, and storage. It would also provide consumers with the right to object to the sale of their personal data from one company to another, implementing a requirement for explicit consent before a transfer of personal data could occur.
Significantly, this act aims to ensure the enforcement of data privacy rights, a factor currently lacking in federal data privacy law. Most individuals affected by data breaches or hacks lack a legal standing to access federal courts, often due to an inability to demonstrate personal injury or harm suffered. This obstacle sees affected individuals typically seeking relief in state courts. It’s worth noting that, as of June 2022, only five states have implemented comprehensive consumer data privacy laws.
Rodgers expressed that the new act intends to prevent technology giants from ‘tracking, predicting, and manipulating people’s behaviors for profit’ without their knowledge or consent. Tech companies in other markets already face strict privacy laws. For instance, the EU’s Right to Be Forgotten allows individuals to request the erasure of their personal data post-transaction or if obtained unlawfully. Companies found to breach EU privacy regulations face considerable fines.