Senate Commerce Looks to Address Data Privacy, Security in Early 2019
Senate Commerce Committee lawmakers told us last week they are motivated to address data security and privacy issues early in 2019, amid a steady stream of breaches. Sen. Richard Blumenthal, D-Conn., told reporters he’s hopeful for a draft privacy bill with Sen. Jerry Moran, R-Kan., “early in the next session.” Chairman John Thune, R-S.D., and his likely committee successor, Sen. Roger Wicker, R-Miss., plan to advance the panel’s privacy effort and address a wide range of data breach issues.
Thune and Wicker are “chatting all the time” about the transition, Wicker told reporters. If Thune introduces his own draft before this year, as expected (see 1809260050), “I’d love to see it. … It will be a great transition, but sadly we are running out of time for this year.” Thune will continue to be a key player in 2019 as the No. 2 Senate Republican, Wicker said. “Every suggestion he has will be met with appreciation.”
Thune was asked whether one bill can address both privacy and security issues like the recently revealed Marriott breach (see 1812040036). “I think we’re going to come up with a solution that addresses as wide a range of these issues as possible,” Thune said: The committee’s ongoing privacy debate is leading to “a legislative approach that will hopefully prevent these things from happening in the future.”
It’s unlikely one bill will address all issues, Moran told us. “Just generally, there’s not one piece of legislation that can solve every problem, but it’s imperative for us to work to get to a conclusion.” This continuum of “instance after instance” means the importance of “finding a solution is evident,” he said.
“We have to start with a bill and see how many issues we can address,” Blumenthal said. “But security breach is a discrete issue where penalties and safeguards are necessary.” He said there are “very serious issues” about credibility of Facebook CEO Mark Zuckerberg’s testimony (see 1806050044), given recent revelations about platform data collection and business models (see 1812050042). Those issues include app developers similar to Cambridge Analytica and data manipulation that advantages Facebook, not consumers, Blumenthal said. “Facebook has been less than fully candid and seems to have a model of … pay-for data with its companies,” he said. “It’s been seemingly totally ruthless and relentless in obtaining data without sufficient safeguards for privacy or consumers.” The company didn't comment.
Hopefully, data security and privacy is one of the first items the next Congress addresses, Sen. Jon Tester, D-Mont., told us. “This is a long list of breaches that are unacceptable.” The Marriott breach shows Congress must act, Sen. Catherine Cortez Masto, D-Nev., told us. “This isn’t going to go away,” she said. “No big company is immune to this, and we’ve got to … make sure that personal information and data of individuals is protected.” Cortez Masto is working on her own privacy bill (see 1811270058).
Wicker also was asked about emerging issues with facial recognition technology. Microsoft President Brad Smith urged Congress Thursday to address regulatory issues in any new privacy bill (see 1812060049). Wicker asked whether someone whose face is exposed in public has a “reasonable expectation” for privacy, suggesting agencies should be able to take advantage of the technology to a degree. Data collection practices associated with the technology should be addressed in a bipartisan manner, Wicker said.