U.S. Sen. Roger Wicker, R-Miss., chairman of the Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Revisiting the Need for Federal Data Privacy Legislation,” at 10:00 a.m. on Wednesday, September 23, 2020. This hearing will examine the current state of consumer data privacy and legislative efforts to provide baseline data protections for all Americans. The hearing will also examine lessons learned from the implementation of state privacy laws in the U.S. and the E.U. General Data Protection Regulation, as well as how the COVID-19 pandemic has affected data privacy.
- The Honorable Julie Brill, Former Commissioner, Federal Trade Commission
- The Honorable William Kovacic, Former Chairman and Commissioner, Federal Trade Commission
- The Honorable Jon Leibowitz, Former Chairman and Commissioner, Federal Trade Commission
- The Honorable Maureen Ohlhausen, Former Commissioner and Acting Chairman, Federal Trade Commission
- Mr. Xavier Becerra, Attorney General, State of California
*Witness list subject to change
Wednesday, September 23, 2020
Full Committee Hearing
This hearing will take place in the Russell Senate Office Building 253. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.
In order to maintain physical distancing as advised by the Office of the Attending Physician, seating for credentialed press will be limited throughout the course of the hearing. Due to current limited access to the Capitol complex, the general public is encouraged to view this hearing via the live stream.
*Note: Witness list updated 9/21/2020
Chairman Roger Wicker
During this Congress, protecting consumer data privacy has been a primary focus of this Committee. We held one of the first hearings of my chairmanship to examine how Congress should address this issue.
At that time, we heard that individuals needed rigorous privacy protections to ensure that businesses do not misuse their data. We heard that individuals need to be able to access, control, and delete the data that companies have collected on them.
We heard that businesses need a consistent set of rules applied reasonably and fairly to allow for continued innovation and growth in the digital economy. And we heard that the Federal Trade Commission needs enhanced authority and resources in order to oversee and enforce privacy protections.
In the nearly two years since, members of this Committee have done a great deal of work developing legislation to address data privacy.
While we worked, the world of data privacy did not stand still. The state of California implemented its California Consumer Privacy Act (CCPA) and began enforcement this past summer. Long-held concerns remain that the CCPA is difficult to understand and comply with and could become worse if the law is further expanded and amended through an upcoming ballot measure this fall.
The European Union has continued to enforce the GDPR. The EU’s main focus appears to be going after the biggest American companies rather than providing clear guidance for all businesses with European citizens as customers.
The picture in Europe is even more complex following the recent court ruling invalidating the EU-U.S. Privacy Shield framework, which governed how U.S. companies treated the data of EU citizens. Though the issues in that case were more related to national security than consumer privacy, the result was yet more uncertainty about the future of trans-Atlantic data flows. I look forward to holding a hearing before the end of the year on the now-invalidated Privacy Shield.
The biggest new development that has impacted data privacy – as it has impacted so many facets of our life – is the COVID-19 pandemic, which has resulted in millions of Americans working from home. The increased use of video conferencing, food delivery apps, and other online services increases the potential for privacy violations. The need to collect a great deal of data for contact tracing and to track the spread of the disease likewise raises privacy concerns if done improperly.
For all of these reasons and more, the need for a uniform, national privacy law is greater than ever. Last week I introduced the SAFE DATA Act. I want to thank Chairman Thune, Senator Blackburn, and Senator Fischer for joining me on this important legislation.
The SAFE DATA Act would provide Americans with more choice and control over their data. It would require businesses to be more transparent and hold them to account for their data practices. It would strengthen the FTC’s ability to be an effective enforcer of new data privacy rules. And it would establish a nationwide standard so that businesses know how to comply no matter where their customers live, and so that consumers know their data is safe wherever the company that holds their data is located.
The SAFE DATA Act is the result of nearly two years of discussions with advocacy groups, state and local governments, nonprofits, academics, and businesses of every size and from every sector of the economy – my thanks to all of those. The diversity of voices was essential in crafting a law that would work consistently and fairly for all Americans.
Today, we have a chance to pass a strong national privacy law that achieves the goals of privacy advocates with real consensus among members of both parties and a broad array of industry members.
I urge my colleagues on this Committee to take a thorough look at the SAFE DATA Act, consider all that we can accomplish for consumers, and work together to pass this landmark legislation that will create strong and consistent privacy protections for years to come.
And I now turn to my dear friend and Ranking Member for her opening remarks.
Ranking Member Maria Cantwell
Thank you, Mr. Chairman. Thank you to the witnesses for being here today and thank you for continuing to work on this important issue.
Protecting Americans’ privacy rights is critical, and that has become even sharper in the focus of the COVID-19 crisis, where so much of our lives have moved online. The American people deserve strong privacy protections for their personal data, and Congress must work to act in establishing these protections.
Last year, along with Senators Schatz, Klobuchar, and Markey, I introduced the Consumer Online Privacy Act. The bill is pretty straightforward. It provides foundational privacy rights to consumers, creates rules to prevent abuse of consumer data, and holds companies accountable with real enforcement measures. Unfortunately, other legislation throughout the legislative process, I think has taken different approaches. These bills allow companies to maintain the status quo, burying important disclosure information in long contracts, hiding where consumer data is sold, and changing the use of consumer data without their consent. So obviously, I believe these loopholes are unacceptable.
Most strikingly, these bills would actually weaken consumer rights around the country by preempting stronger state laws. Attorney General Becerra is with us today and I appreciate him being able to join us, because this would have an impact on a broad preemption, I should say, would have an impact on 40 million Californians who are protected by your privacy law and the privacy protections in your state. So we need to resolve this issue. But we can't do so at the expense of states who have already taken action to protect the privacy of their citizens.
Finally, we also know that individuals must have the right to their day in court, when privacy is violated, even with the resources and expertise and enforcers like the FTC--many of you, I know, know these rules well, and Attorneys General--we will never be able to fully police the thousands and thousands of companies collecting consumer data if you are the only cop on the beat.
So I'd like to go further, but there are many issues that we're going to address here. I want to say that the legislation also needs to cover the complex issues of, you know, health and safety standards and important issues. The Supreme Court discussion that we're now having, I think will launch us into a very broad discussion of privacy rights and where they exist within the Constitution. To me this is incredibly important.
Just this recent court ruling that put at risk the little known but vital important provision of the FTC Act 13B, which allows the FTC to go to court to obtain refunds and other redress for consumers--the 10 billion dollars for example in the Volkswagen case--without this provision, the core mission of the FTC would be crippled.
So I think all of these issues, and the important issues of privacy rights, should and will have a fair discussion, if we can have time to discuss them in this process. I believe the issue of how the government interferes in our own privacy rights, whether the government oversteps our privacy rights, is a major issue to be discussed by this body in the next month. I don't believe in some of the tactics that government has used to basically invade the privacy rights of individuals.
And Mr. Chairman, next week the minority will be introducing a report that we've been working on about the value of local journalism. I believe the famous economist who said that markets need perfect information. We're talking about the fact that if markets are distorted by information, then that really cripples our economy. Well I think local journalism in a COVID crisis is proving that it's valued information with the correct information on our local communities, and I think that this is something we need to take into consideration as we consider privacy laws and we consider these issues moving forward. So thank you, Mr. Chairman.
Witness Panel 1
The Honorable Julie BrillFormer CommissionerFederal Trade Commission
The Honorable William KovacicFormer Chairman and CommissionerFederal Trade Commission
The Honorable Jon LeibowitzFormer Chairman and CommissionerFederal Trade Commission
The Honorable Maureen OhlhausenFormer Commissioner and Acting ChairmanFederal Trade Commission
Mr. Xavier BecerraAttorney GeneralState of California