Sen. Jerry Moran, R-Kan., reintroduced the Consumer Data Privacy and Security Act, which is intended to provide Federal standards and regulations for American businesses that collect, process, and use consumers’ personally identifiable data.
Sen. Moran initially introduced the legislation in March 2020, but it did not advance out of the Senate Commerce, Science, and Transportation Committee. The legislation does not have any cosponsors at this time.
In a press release, Sen. Moran cited a recent survey that found 83 percent of voters feel data privacy regulation should be an important congressional priority this year, and said that was the impetus for reintroducing the bill.
“More and more Americans are recognizing the need for a clear Federal standard for data privacy that guarantees them the ability to determine how their personal data is used,” said Sen. Moran. “Americans need to be able to count on strong baseline responsibilities that businesses must uphold when collecting, processing, and protecting their personally identifiable information.”
Sen. Moran also touched on potential regulatory confusion as states have begun considering – and adopting – their own data privacy laws due to the absence of Federal regulations, with California and Virginia signing state regulations into law.
“Without action from Congress, consumers will continue to be vulnerable to future threats against their personal data, and innovators and job creators will be plagued with regulatory uncertainty resulting from a growing patchwork of state laws,” Sen. Moran said.
The Consumer Data Privacy and Security Act would:
- “Establish a clear Federal standard for data privacy protection, giving businesses a uniform standard rather than a patchwork of confusing state laws.
- Provide consumers with control over their own data to access, correct, and erase their personal data.
- Require businesses that collect and process a significant amount of personal data to take extra precautionary steps to protect and responsibly process that data.
- Prohibit companies from collecting data without consumers’ consent with limited and specific exceptions.
- Require businesses to develop and implement robust data security programs to protect personal data from unauthorized access and disclosure.
- Equip the Federal Trade Commission (FTC) and state attorneys general with authority to uniformly enforce Federal consumer privacy protections while providing the FTC the resources necessary to carry out those authorities.”
The bill does not appear to have companion legislation in the House.