As the digital economy expands, more attention is being paid to the impact of data processing on consumers and how to maintain responsible and trustworthy treatment of personal information. Companies have responded to shifting consumer views and expectations about how data is collected and used online by developing new data transparency tools and controls. Policymakers are also seeking ways to ensure that data controllers exercise fair information practices to protect and empower users while also encouraging innovation and protecting economically vital flows of data, particularly across borders.
New technologies and data practices have stressed the traditional U.S. sectoral approach to protecting consumer privacy. In response, Congress should adopt a federal baseline consumer privacy law to ensure that consumers’ personal information is handled responsibly no matter where it is collected or who is processing it. This framework should set consistent transparency requirements, consumer controls, and accountability measures for data controllers, while empowering the Federal Trade Commission to carry out robust enforcement. Such a framework should be risk-focused, technology-neutral, and provide safe harbors and flexibility for organizations to make adjustments according to the needs of individuals and evolving technology.
Developing comprehensive and durable privacy rules requires balance. The desire to bring the power of government to bear on the issue is a strong one, but it must be set against the need to encourage innovation, unlock the incredible social value of big data, and not to infringe upon related values such as the freedom of speech. Overly prescriptive or onerous regulation risks creating high barriers to entry for new companies and may even prohibit the creation of beneficial new technologies and privacy protective techniques and services.
Most Recent Statements & Filings:
- CCIA Applauds EU-UK Data Flow Decision Brussels, BELGIUM — The European Commission today announced two new adequacy decisions for the transfer of EU personal data to the United Kingdom. With these decisions, the European Commission considers that the United Kingdom provides a level of protection of EU personal data that is equivalent to the EU’s laws. Once approved, UK and EU…
- EU Council e-Privacy Agreement Paves Way for Final Negotiations, CCIA Urges Further Improvements Brussels, BELGIUM — The EU Member States (“EU Council”) today approved a joint position on the e-Privacy Regulation, originally proposed in 2017. This decision paves the way for final negotiations with the European Parliament and the European Commission. The proposed e-Privacy Regulation entails new privacy rules that will affect how Europeans consume online services from…
- Industry Statement on Safeguarding Data Flows