Bloomberg Government subscribers get the stories like this first. Act now and gain unlimited access to everything you need to know. Learn more.
Comprehensive privacy legislation for the first time advanced out of a US House committee Wednesday, giving momentum to a long-sought measure that still faces several hurdles to becoming law.
The House Energy and Commerce Committee approved the bipartisan, bicameral American Data Protection and Privacy Act (H.R. 8152) 53-2, teeing it up for a floor vote as consumers and industry alike call on Congress to take action. Consumer Protection Subcommittee Chair Jan Schakowsky (D-Ill.) told reporters she is hoping for a floor vote next week, citing conversations with House leadership.
“This legislation is our best hope at protecting Americans’ privacy and data security, while also providing certainty to American businesses,” Chair Frank Pallone (D-N.J.) said during the markup. The measure would require companies to collect the least amount of data possible to provide services, and would implement special protections for kids and allocate enforcement responsibilities to the Federal Trade Commission.
The bill continues to face pushback from California lawmakers who worry it may undermine their state law. The California Privacy Protection Agency, tasked with enforcing the state law, has voiced concern with the bill as well.
The panel adopted changes in an amendment offered by Pallone and ranking member Cathy McMorris Rodgers (R-Wash.), in part to appease Californians. The modified language would give the California agency express authority to enforce the federal law in the same way as it would otherwise enforce the California Consumer Privacy Act.
But it wasn’t enough. While the bill made it through the panel, California lawmakers made clear they wouldn’t vote for it as-is on the House floor.
“Without additional changes, it will not have my support on the floor,” Doris Matsui (D-Calif.) said. “That’s what I’ll be voting for today, additional discussion, because we are not there yet.”
The panel rejected Rep. Anna Eshoo’s (D-Calif.) amendment to replace language preempting state laws with a “preservation” clause that says a state law isn’t inconsistent with a federal law if it offers greater protection.
“I recognize that this law would be an improvement for much of the country, but I can’t say the same for my constituents and all Californians,” said Eshoo, one of two California Democrats who voted against the bill.
Schakowsky suggested not all Californians needed to be on board for the bill to pass the House. “I think we have the votes to pass the bill. We’d like to do it with strong Democratic support, and hopefully we’ll even get most of the Californians,” she said.
The bill’s path in the Senate is unclear. Senate Commerce, Science, and Transportation Chair Maria Cantwell (D-Wash.), who has her own privacy legislation, opposed the original House bill and hasn’t taken a public position on the amended version approved by the panel.
Members of the Energy and Commerce Committee made several changes to bill before advancing it, including adopting language to address the heightened privacy sensitivities of young people.
An amendment offered by Rep. Kathy Castor (D-Fla.), who has been a leading voice on children’s privacy, would increase companies’ responsibility to mitigate privacy risks for individuals under age 17, and direct them to take into account the developmental needs of different age ranges in their privacy policies. The amendment was cosponsored by Rep. Tim Walberg (R-Mich.).
Castor, speaking to her California colleagues, submitted for the record a statement by kids’ advocacy group Common Sense Media that states the bill would provide children far greater protection than the state law.
An amendment offered by Reps. Debbie Lesko (R-Ariz.) and Annie Kuster (D-N.H.) would ensure entities such as the nonprofit National Center for Missing and Exploited Children can access data to continue their work to help find missing children, reduce child sexual exploitation, and prevent child victimization.
The committee also approved amendments to ensure biomedical research centers can share data, to set standards for techonology-neutral protection of consumer data, and to exempt small businesses from a requirement to have privacy and data security officers.
To contact the reporter on this story: Maria Curi in Washington at email@example.com