One lawyer says momentum for a federal bill could start as early as January
Stu Ingis believes any federal digital privacy law should be opt-out, not opt-in like GDPR.
Earlier this month, the California Consumer Privacy Act (CCPA) became enforceable. Seventeen other states have proposed similar digital privacy bills, according to law firm Husch Blackwell, that, if passed, would create a patchwork of laws governing the use of online data.
However, efforts are underway to establish federal legislation on digital privacy that would create consistent, national enforcement.
gfbv Stu Ingis, partner at law firm Venable LLP, said to expect momentum around a federal law to build after the November election, regardless of who is in office.
“Next Congress, when you have it re-seated post-election, which will start next January, that will trigger a one- to two-year window where there’ll be a lot of activity,” Ingis said during Adweek’s NexTech 2020 Virtual Summit.
Ingis is also counsel for Privacy for America, a coalition founded by The Association of National Advertisers, American Association of Advertising Agencies, National Advertising Initiative and the Interactive Advertising Bureau.
He said the group is meeting with policy makers in both the House of Representatives and the Senate to discuss current drafts and proposals of a federal law.
“While the pandemic in particular has put a pause on … committee hearings and open deliberations for privacy legislation given other priorities right now, the behind-the-scenes work … continues, so almost on a weekly basis our initiative, Privacy for America, is meeting with various policymakers,” Ingis said.
Privacy for America shared a framework for national privacy legislation last December to establish a law that would not rely on “burdensome ‘notice and choice’ schemes” to protect user data.
“Rather, it would clearly define and prohibit practices that put personal data at risk or undermine accountability, while preserving the benefits to individuals and our economy that result from the responsible use of data,” according to the proposal.
Ingis believes a national law, like CCPA and unlike Europe’s GDPR, should give users the ability to opt out of being tracked or having their data sold. However, he acknowledged that option needs to be explained to consumers in a transparent way so they can understand the value exchange of the internet: swapping personal data for free, ad-supported content.