The Internet Association announced last week that it supports modernizing U.S. data privacy laws – with a caveat. The trade group, which represents more than 40 major internet and technology firms, including Netflix and Twitter, favors a national approach over state-by-state jurisdiction which would supersede the digital privacy law set to go into effect in California in January 2020.
The trade association calls for privacy protections to be technology- and sector-neutral and exhorts policymakers to set national data breach notification rules.
While California’s pending law is more comprehensive than anything the U.S. currently has in place, it falls short of Europe’s General Data Protection Regulation (GDPR) stringency. Controversy continues to swirl over the bill which was rushed through California’s state Senate and Assembly in order to win out over a stricter, privacy-focused ballot initiative backed by more than 600,000 Californians.
Clearsight continues to monitor the impact of GDPR on U.S. privacy laws and we remain convinced that, regardless of the outcome, consulting and tech firms focused on information security and data protection are poised to benefit as businesses that hold or handle private consumer information seek ways to mitigate any inherent regulatory and reputational risks.