Recently, the offices of various Members of Congress announced that their Members would be meeting to discuss comprehensive federal privacy legislation.[1] This meeting among the aides could represent a sign of growing recognition that an absence of uniform, national privacy protection poses a vacuum with respect to federal regulation directed to personal data.
In contrast to the United States, the European Union and China have passed comprehensive privacy legislation, leading proponents of uniform federal legislation to argue that the United States is falling behind. In the absence of any comprehensive nationwide privacy legislation, it has been left to the states to pass their own state-wide privacy legislation. This risks allowing individual states with the strictest privacy laws to become the standard-bearer for the rest of the country because national companies must typically comply, at the very least, with the privacy requirements of the strictest state. Indeed, many companies have already begun allocating significant resources towards compliance with California’s privacy law. Federal legislation could ameliorate this problem by setting a single standard that many states would likely adopt, and which, in any event, could pre-empt state law. And a federal law could help slow, or stop, big technology companies from ingesting large amounts of personal data without restriction. As Rep. Jan Schakowsky (D-IL) noted just this week, “We have to protect the privacy of consumer data which feeds into AI algorithms.”[2]