3 minute read | June.23.2022
The House Subcommittee on Consumer Protection and Commerce held a June 14 hearing, “Protecting America’s Consumers: Bipartisan Legislation to Strengthen Data Privacy and Security,” to listen to testimony from consumer advocates and industry representatives on the recently proposed American Data Privacy and Protection Act (ADPPA).
The bipartisan initiative faces new headwinds following June 22 remarks by Senate Commerce Chair Maria Cantwell (D-WA), who cited “major enforcement holes” in the legislation on preemption issues — but expressed hope that the sponsors could offer revisions.
The bill also provides general exceptions and the right to cure, and outlines enforcement provisions for the FTC, state attorneys general, and, beginning four years after the law goes into effect, rights for individuals (or a class) to bring a lawsuit in federal court to obtain compensatory and injunctive or declaratory relief, and reasonable attorneys’ fees and costs. The ADPPA takes a “jigsaw” approach that broadly claims preemption of state privacy laws, but preserves certain areas of state law (e.g., civil rights, data breach notification, and general consumer protection laws) and certain state-specific laws.
A House Energy & Commerce Committee memorandum stressed the need for federal regulation, explaining that the current patchwork approach to data privacy often results in companies self-monitoring their data practices, and consumers not having control over the use of their data. The memo also discussed the FTC’s reliance on its UDAP authority under Section 5 of the FTC Act, which is limited in scope as well as in the amount of relief the agency may obtain.
Subcommittee Chair Jan Schakowsky (D-IL) noted that while the road to this point has been “long” and “sometimes grueling,” the draft proposal (which reflects feedback gathered from six roundtables held with a range of stakeholders) provides “transformational privacy protections for all Americans,” as well as “regulatory certainty for the business community while taking care to promote innovation and protect small businesses.”
Committee Chairman Frank Pallone Jr. (D-NJ) stressed that comprehensive federal privacy legislation “is necessary to limit the excesses of Big Tech and ensure Americans can safely navigate the digital world.” He added that Big Tech should face additional requirements and obligations and that data brokers that profit from buying and selling consumer data should be identified.
Ranking subcommittee member Gus Bilirakis (R-FL) opened the hearing by referring to the bill as “historic,” but noting that it is currently a discussion draft and that the committee “should spend our time today learning how we can make it better.” He said the draft “establishes a delicate balance for putting control [of] data back into the hands of everyday Americans, while providing businesses with fair rules of the road and preserving their ability to innovate.”
The subcommittee heard from witnesses who generally agreed that federal privacy legislation is “long overdue” and “urgently needed,” but highlighted several areas of concern: