Differences Among Countries Pose Hurdle for International Privacy Framework, Capito Says
Developing an internationally applicable online privacy framework is a major hurdle, given fundamental differences among the U.S., the EU and adversaries like China and Russia, Sen. Shelley Moore Capito, R-W.Va., told us Tuesday. Industry representatives and a conservative scholar described during a Senate Internet Subcommittee hearing anti-business impacts of EU’s general data protection regulation.
“I don’t see how you’re going to get everyone on the same page. … We see privacy differently than the EU, and certainly they do in Russia and China,” Capito said, suggesting a broad approach to addressing digital privacy in the U.S. “It’s something we need to continue moving forward on because this is not going to go away obviously, and it’s going to get bigger and broader.”
Capito said the Department of Homeland Security’s plan to centralize cybersecurity operations (see 1803080038) is a good approach for addressing cyber-related concerns. Sen. Jim Inhofe, R-Okla., told us the U.S. “needs to determine a way to make sure we’re not sharing things with the two core adversaries that we have in China and Russia,” saying there aren't enough adequate protections.
Subcommittee Chairman Roger Wicker, R-Miss., said during opening remarks the internet's global nature means foreign rules extend beyond borders. He argued U.S. companies are experiencing disruptions from the patchwork of internet regulations developing around the world. U.S. businesses need to thrive in the digital economy to sustain U.S. leadership, he said.
Ranking member Brian Schatz, D-Hawaii, said the U.S. needs to maintain leadership to uphold democratic principles against adversaries. He criticized former Secretary of State Rex Tillerson and current National Security Adviser John Bolton for eliminating the Office of Cybersecurity Coordinator (see 1708030009). Schatz urged the White House to re-establish the position. The vacancy created a vacuum for authoritarian regimes, he said.
Former cybersecurity coordinator Christopher Painter, now a commissioner for the Global Commission on the Stability of Cyberspace, said China claiming absolute sovereignty over its cyberspace creates a digital wall. Advancing U.S. cyber policy requires immense communication with international partners, he said, agreeing his former office should be reinstated.
On the GDPR, American Enterprise Institute scholar Roslyn Layton described the EU regulation as a geopolitical move, not a humanitarian one. She said it's a reaction to “economic malaise” that’s not evidence-based. Individuals need to take more responsibility to understand impacts of the internet, she said, which is what’s missing in the GDPR.
Business Roundtable Vice President-Policy Denise Zheng testified the GDPR is going to cost U.S. Fortune 500 companies $7.8 billion this year. This “fragmented digital landscape” developing with the GDPR, California’s new privacy law (see 1807120043) and some 120 countries weighing their own laws will have the biggest impact on small startups, she said. Chertoff Group Executive Chairman Michael Chertoff cited enactment of the Clarifying Lawful Overseas Use of Data Act as an example of resolving differences among competing legal jurisdictions. He called the GDPR “overly bureaucratic.” GoDaddy Vice President-Global Policy James Bladel called the GDPR a barrier to free trade, standing in the way of reaching new customers.