A coalition of chief executive officers (CEOs) representing 51 businesses urged congressional leaders to enact a federal privacy law that would preempt state laws and provide a uniform national framework.
Widespread agreement now exists among companies in all sectors of the economy about the need for a comprehensive federal consumer data privacy law, the CEOs of companies including Amazon, Comcast and Target wrote in the letter. The alternative—a patchwork of state laws with different rules and penalties—would be confusing to consumers and problematic for businesses, the companies said.
“Consumers should not and cannot be expected to understand rules that may change depending upon the state in which they reside, the state in which they are accessing the internet and the state in which the company’s operation is providing those resources or services,” according to the letter. “[A]s the regulatory landscape becomes increasingly fragmented and more complex, U.S. innovation and global competitiveness in the digital economy are threatened.”
The CEOs suggested that federal lawmakers consider a framework proposed by the Business Roundtable, which would provide consumers with “opportunities to exert reasonable control with regard to the collection, use and sharing of personal data” and permit companies “flexibility” as to how these controls could be exercised.
“We urgently need a comprehensive federal consumer data privacy law to strengthen consumer trust and establish a stable policy environment in which new services and technologies can flourish within a well-understood legal and regulatory framework,” the CEOs concluded. “Innovation thrives under clearly defined and consistently applied rules.”
To read the letter, click here.
Why it matters: While the letter didn’t single out particular state laws, companies nationwide are facing the rapidly approaching effective date of the California Consumer Privacy Act, which will allow consumers to learn what personal information has been collected about them, request that the data be deleted and prevent the sale of their information. Other states are following suit with their own laws, triggering corporate concern about multistate compliance problems.