GDPR-like Legislation to be Drafted by the US Senate in early 2019

A United States Senate subcommittee has revealed that it is working on a draft of a GDPR-style legislation for the United States.

Senators Richard Blumenthal (Democrat) and Jerry Moran (Republican) are putting together a bipartisan bill that would enshrine much of the same protections in the US that GDPR implements in the European Union.

Senator Blumenthal, commenting on the latest developments, said that a system of penalties for data breaches is necessary. He said: “A much-anticipated bill that may give the U.S. government the ability to collect civil penalties if a company misuses consumer data on the internet or allows it to be stolen could be drafted early next year. I have been working with Senator Moran on a bipartisan privacy bill that I hope will make very good progress very soon.”

It was also reported that last Tuesday the Congressional subcommittee on consumer protection, product safety, insurance and data security debated the details of the proposed legislation but did not reach a consensus on the language of the bill. It was, however, mooted that the FTC could provide guidance and apply punitive penalties against companies, groups or organisations that misuse or fail to safeguard consumer data.

Under the European Union’s General Data Protection Regulation, introduced on May 25 this year, companies face a maximum fine of €20m or 4% of annual global revenue. Already massive global companies including Google, Facebook, Twitter and British Airways have been subjected to multiple GDPR complaints.

A GDPR-style legislation in the US has many advocates including Apple CEO Tim Cook. In October this year, Cook lead the calls for this saying: “It is time for the rest of the world … to follow your (the European Union’s) lead. We at Apple are in full support of a comprehensive federal privacy law in the United States.”

Cook, who was the keynote speaker at a conference on data privacy conference in Brussels said: “Technology’s potential is and always must be rooted in the faith people have in it.” You can read the full report of that speech here: Apple CEO Tim Cook Urges US to Introduce for GDPR-like Data Protection Legislation

The proposed data privacy legislation is sure to face plenty of opposition from lobbyists and it is not yet clear what stance large companies like Microsoft, Twitter, Facebook and Google will take on the issue as they all rely so heavily on collecting data on their users.

Any companies that have not, so far, reviewed or audited their data protection methods to ensure that they are doing everything possible to protect individuals’ privacy would be wise to begin the process now in order to be ready for the introduction of such a bill.