What has Kirsten Gillibrand been doing since she dropped out of the Presidential race?
Working on the privacy issue. The New York Democrat has introduced a Senate bill that would, in effect, set up a data czar.
Gillibrand’s Data Protection Act Of 2020 would establish the Data Protection Agency (DPA), an executive body with a director appointed by the President for a five-year term and confirmed by the Senate.
The DPA would set rules and issue guidance for carrying out federal privacy laws, ranging from CAN-SPAM to TCMA.
In addition, it would represent the U.S. in international forums and have the authority to investigate, subpoena and issue civil investigative demands.
There is probably little chance that such a bill will be passed and signed in this political year. But if it did, the DPA would be the U.S. equivalent of Europe’s national data authorities.
According to Gillibrand’s office, the DPA would have three core objectives:
- Give Americans control and protection over their own data by creating and enforcing data protection rules.
- Maintain the most innovative, successful tech sector in the world by ensuring fair competition within the digital marketplace.
- Prepare the American government for the digital age.
Gillibrand calls data “the new oil,” and adds: “Like the oil boom, little thought is being given to the long-term consequences.”
Companies are “ignoring regulations, putting profits above responsibility, and treating consumers as little more than dollar signs,” she says.
The bill contends thatthe unrestricted collection of personal data endangers the chances for a person to “secure employment, insurance, credit, and housing and the right to due process and other legal protections.”
What is personal data? The bill defines it as follows:
Industry observers support the legislation.
The DPA would place “a single focus on consumer data usage and take steps towards mitigating current issues,” statesTed Sfikas, RVP, North America solutions consulting at Tealium, a data management and protection company.
Sfikasadds that “there would finally be an organization solely concerned with data privacy and data collection transparency, with the consumer’s interest in mind. This is in contrast to the current FTC mandate, which is riddled with numerous responsibilities that make data privacy enforcement less likely to be effective.”
The bill is also supported by academic sources.
"Data centers in the U.S. are vulnerable to attack, and as a country we need to do a much better job with data security,” states Bruce Schneier, Fellow and lecturer at Harvard Kennedy School, according to Gillibrand’s office. “That's why the U.S. needs a data protection agency.”
“Just like 19th-century Americans got a federal regulatory agency to curb the power of the railway magnates, 21st-century Americans deserve one to tackle the problems of the tech industry,” adds Professor Francesca Bignami, Leroy Sorenson Merrifield Research Professor of Law, The George Washington University Law School.
The bill has drawn support from several groups, including Public Citizen, Color of Change, Consumer Federation of America, U.S PIRG, Center for Digital Democracy, Consumer Action, Campaign for a Commercial-Free Childhood and Parent Coalition for Student Privacy.