With so much going on this year in terms of privacy and data breaches, there have been many who have somewhat optimistically believed that this would be the year when we get privacy legislation and a federal data security/breach notification law. Every year since I started this blog (2006), I’ve seen and posted such news items. And each year has come and gone without Congress passing any legislation. At a hearing this week, the pushback against privacy legislation was evident.
Sarah Lai Stirland reports:
Federal legislative proposals to help consumers to effectively stop companies from tracking them online without their knowledge might “break the internet,” a key Republican senator working on the legislation said in a hearing on the issue on Wednesday.
“In a world where people voluntarily share very personal information on web sites like Facebook and Twitter on a daily basis, I’m not entirely sure what consumer expectations are when it comes to privacy, but I am sure that different consumers have different expectations about privacy,” said Sen. Pat Toomey (R-PA) in a Wednesday morning Senate Commerce Committee hearing on privacy and data security.
Toomey said he was worried that the legislative proposals currently being discussed in Congress are a “solution in search of a problem.”
Read more on TPM.
While it is easy and often trendy to just dismiss any concerns raised by Republicans or write them off as pro-business, there’s nothing wrong with being pro-business as long as it’s not at the expense of individual rights. So we should consider the impact on commerce, but I am of the mindset that says that regulations that make it clear what businesses can and cannot do would actually be a boon to businesses as it would offer them a clear yardstick and some protection from complaints. It would also save them the time and inordinate expense of trying to comply with a hodge podge of state laws.
But as with data breach notification, a federal privacy bill will only be useful if it’s a strong bill that does not trump strong state laws but rather incorporates them at a national level.
Notice is not enough, Congress. Consumers need some recognized right to say “no” and have it enforced. And just because a dozen other internet users do not mind a, b, or c, well, they don’t get to waive my rights. Write and enact a law that respects the rights of those who are privacy-protective and everyone benefits. Do nothing or write a law that erodes individual rights in favor of commerce and we’ll all be back here next year. And the year after. And the year after….