According to a Washington Post report, the Trump administration has been in contact with Google, Facebook, Internet service providers (ISPs), such as AT&T and Comcast, as well as consumer groups to discuss a proposal for new online privacy rules.
The White House is reportedly aiming to create a “balance” between Internet users' privacy needs and U.S. companies' "prosperity."
White House's Blueprint for Congress
The U.S. president is not responsible for creating new laws, but the Washington Post said that the Trump Administration wants to create a “blueprint” that Congress can follow when writing the new privacy law.
According to the Washington Post, technology and telecom companies may see this as an opportunity to pass a federal privacy law that isn’t as strict and pro-consumer as some states have started to consider. California already implemented new privacy rules in June, and companies may fear that other states could follow in its footsteps.
Tech companies, such as Facebook, also know that Congress isn’t much on their side following the Cambridge Analytica privacy scandal. Many members of Congress have already made that clear in hearings with Facebook CEO Mark Zuckerberg looking to prevent such scandals from happening in the future. In those hearings, Zuckerberg himself admitted that some regulation may be needed.
However, despite all of these endorsements for a privacy law, a draft of the White House proposal seems to suggest that the new law would prevent states from passing their own additional privacy rules. It would also remove some liabilities from companies that mishandle user data.
U.S. Privacy Groups Are Cautiously Optimistic
The President of the Electronic Privacy Information Center (EPIC), Mark Rotenberg, said that limiting states from passing their own privacy rules could be a “non-starter for consumer organizations.”
Back when the Obama administration wrote its own draft for stronger privacy rules at the federal level, technology and advertising companies, such as Google and Facebook, were successful in killing that initiative through lobbying efforts.
However, consumer rights groups now believe that after Cambridge Analytica and other privacy scandals, it should be easier to convince Congress of the need to pass stronger privacy legislation.
The U.S. privacy groups also believe that the European Union (EU) has shown the way for how to write privacy legislation with the General Data Protection Regulation (GDPR) that went into effect earlier this year.
In the U.S., Senator Ed Markey has already introduced legislation that’s somewhat similar called the CONSENT Act. However, the bill only applies to “edge providers,” such as Google and Facebook, and not ISPs.
Another issue that may prompt Congress to adopt stronger privacy laws this time around is that either the EU Parliament or its top court (whichever gets to it first) may soon invalidate the U.S.-EU data transferring agreement.
Under the EU Charter of Fundamental Rights, companies that transfer EU citizens’ data outside of the union must offer “essentially equivalent protection.” The EU and Japan signed a trade deal this month in which Japan agreed to honor that requirement when dealing with EU citizens’ data. That’s still not the case in the U.S., especially as government agencies keep getting new powers and more access to American companies’ data.