Lawmakers Seek a National Standard on Consumer Data With New Bill

March 24, 2020

Data privacy and protection headline the latest bill introduced into Congress as lawmakers look to clarify what standards businesses should follow regarding consumers’ data.

On March 13, Sen. Jerry Moran (R-Kan.), Chairman of the U.S. Senate’s Commerce Subcommittee on Consumer Protection, introduced the Consumer Data Privacy & Security Act. The bill proposes creating federal regulations for businesses that collect and use consumers’ personal data. There are similar provisions found in this proposed legislation and the European Union General Data Protection Regulation and the California Consumer Privacy Act. 

The Consumer Data Privacy and Security Act would:

  • Establish a national standard for data privacy for businesses to follow rather than try to comply with separate and distinct state laws
  • Mandate that privacy policies be written in an easy-to-understand format and contain retention policies, categories and purposes of personal data collected, and whether and why any personal data is disclosed to third parties
  • Provide consumers with the right to access, correct and erase their personal data
  • Require businesses that collect large amounts of personal data to protect that information
  • Prohibit companies from collecting data without consumers’ consent in most circumstances

Given COVID-19’s impact to the economy and related legislative priorities, it is unknown whether this bill will gain immediate traction. One thing is certain: an appropriate and singularly purposed national law would clarify a business’s data protection obligations while still keeping with the overall goal of protecting consumers and their data. During this current period of economic restriction, reducing unnecessary costs of doing business should be a priority.

The summary of the bill and the full text of the bill can be found on Sen. Moran’s Senate web page.  

We will provide further updates as this and other legislative measures advance toward becoming official laws. Please contact Walt Green, Jason Pill or Gregory Reda if you have any questions regarding these specific legislative updates or with general cybersecurity compliance.