U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, today led a hearing entitled, “Examining Safeguards for Consumer Data Privacy.” The hearing examined privacy policies of top technology and communications firms, reviewed the current state of consumer data privacy, and offered committee members the opportunity to discuss possible approaches to safeguarding privacy more effectively.
During the hearing, Thune questioned a panel of executives from technology and communications firms on legislative actions that can be taken to strengthen data privacy without discouraging innovation.
Thune’s opening remarks (as prepared for delivery):
“A decade from now, we may look back and view this past year as a watershed with respect to the issue of consumer data privacy.
“A year ago this month, news of the massive Equifax data breach made headlines.
“Shortly thereafter, we brought the company’s then-current and former CEOs before the committee for a public accounting.
“Then, in April, the Commerce and Judiciary Committees held a joint hearing with Facebook CEO Mark Zuckerberg after revelations that political intelligence firm Cambridge Analytica had acquired access to the personal data of millions of unwitting Facebook users.
“In May, the European Union’s General Data Protection Regulation – known as G-D-P-R – took effect, with many privacy-related mandates and severe penalties for violators.
“In June, the Consumer Protection Subcommittee held a hearing entitled “Cambridge Analytica and Other Facebook Partners: Examining Data Privacy Risks,” where Aleksandr Kogan, the Cambridge University academic at the center of the Cambridge Analytica controversy, testified.
“On June 28th, the California Consumer Privacy Act was signed into law. Like GDPR, the new California law—which will take effect on January 1, 2020—contains many privacy mandates and severe penalties for violators.
“These developments have all combined to put the issue of consumer data privacy squarely on Congress’s doorstep. The question is no longer whether we need a federal law to protect consumers’ privacy.
“The question is what shape that law should take.
“To examine the impact of all of these developments, we are pleased to be joined today by representatives of some of the leading technology companies and internet service providers in America.
“There is often a temptation to lump industry leaders like these together, as if they were all the same.
“But, as we’ll hear today, they actually have very different approaches to the collection, use, and protection of consumer data.
“I expect the witnesses to offer candid testimony about how their companies seek to address privacy concerns about their products and services, and how new privacy requirements impact them.
“I want to hear how they are complying—or planning to comply—with GDPR and the California Consumer Privacy Act, the advantages and disadvantages of both laws from their perspectives, and the steps they believe the federal government should take to help protect consumer privacy.
“I hasten to add that this will not be the only hearing on consumer data privacy we will hold.
“Some have expressed angst that we have an industry-only panel today.
“Let me reassure anyone who thinks we’re going to be rushing through legislation without the benefit of alternative views that things don’t work that way here.
“Early next month, we intend to convene a second hearing that will include privacy advocates as well as other key stakeholders.
“Alastair MacTaggert, the California privacy activist, and Andrea Jelenik, the head of GDPR enforcement for the European Union, have already agreed to testify.
“It’s also important to remember that, while we have not enacted a comprehensive national data privacy law, concern about privacy is not a new issue for Congress.
“Over the past 20 years, Congress has enacted laws on privacy affecting particular segments of the population and sectors of the nation’s economy, such as the Children’s Online Privacy Protection Act, the Health Insurance Portability Act, and the Gramm-Leach-Bliley Act.
“But now we have arrived at a moment where, I believe, there is a strong desire by both Republicans and Democrats, and by both industry and public interest groups, to work in good faith to reach a consensus on a national consumer data privacy law that will help consumers, promote innovation, reward organizations with little to hide, and force shady practitioners to clean up their act.
“While this hearing grows out of recent concerns about consumer privacy, it is not intended to be a “gotcha” hearing.
“Instead, it represents the beginning of an effort to inform our development of a federal privacy law that enjoys strong bipartisan support.
“Politics is always about timing, and I believe now is the time to begin action on this important issue.
“I look forward to working with colleagues on both sides of the aisle in the coming months.
“With that, I’ll recognize the Ranking Member for any comments he may have.”