Chinese hackers stealing technology from U.S. companies, Russian trolls interfering in our elections, U.S. tech leaders hauled before Congress to explain some new data breach or misuse of personal information – hardly a week goes by without Americans being bombarded with new revelations about assaults on our privacy.
The problem will only get worse as America’s physical industries – autos, construction and manufacturing of all kinds – go online. That will trigger explosive growth in the volume of personal information companies collect – and try to sell.
And while the United States leads the world when it comes to digital technology and data-driven commerce, we lag in updating our cybersecurity and privacy laws. Unlike Europe, which is implementing its General Data Protection Regulation (GDPR), Washington has no national standard for privacy.
States are moving to fill this policy vacuum. Following Nebraska and Alabama, California recently passed a law giving consumers the rights to know what information a business has collected about them, to “opt out” of a business selling their data, and to have their data deleted. That’s understandable, given growing public demands for data security, but a state-by-state approach to privacy makes little sense.
It would balkanize the seamless digital marketplace that has been key to America’s high-tech leadership, forcing consumers and businesses to run a bewildering gauntlet of varying standards, rules and enforcement regimes. Instead, we need a national privacy law that’s simple but strong, with one common standard and one set of rules that every company must follow and every consumer can understand.
U.S. voters need little convincing. A recent Expedition Strategies poll for PPI found that voters are very concerned about abuses of their personal information. 60 percent said they are worried about tech companies’ handling of privacy and data protection. It’s no wonder a solid majority (58 percent) backs national legislation enshrining consumers’ private rights, as shown in Figure 1.
PPI believes the new Democratic House majority should make a national privacy law a top priority for the next Congress convening in January. Since California’s new rules take effect in 2020, Congress should pass a national law by the end of the year.
Can a Democratic House and Republican Senate find common ground next year on a national privacy bill? The good news is that privacy is not intrinsically a partisan issue. It could provide an early test of Republicans’ willingness to work with Democrats to break the spell of tribal partisan warfare that hangs over Washington, and get our national government back in the business of solving national problems.