U.S. data privacy and security solutions emerging at the federal level
June 23, 2022 – Published on CSO
Although a handful of U.S. states have enacted strict privacy laws, the United States still lacks a comprehensive federal privacy statute, a vacuum that has fueled what many observers argue is a culture of “surveillance capitalism.” The lack of a national privacy law looms particularly large now as the Supreme Court seems poised to overturn its landmark abortion decision Roe v. Wade, which is likely to accelerate private data hunting expeditions by prosecutors and law enforcement in nearly 30 U.S. states.
The U.S. Congress and the Biden administration have recently taken surprising steps to tackle the problem of data privacy on a national basis through legislation, policy and regulatory measures that seek to stem the escalation of privacy-invading practices and technologies.
The most significant of these privacy measures is a draft discussion bill called the American Data Privacy and Protection Act (ADPPA), released by bipartisan House and Senate leaders on June 3. The 64-page bill has been compared in scope and force to some noteworthy predecessors, including the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA), and the EU’s General Data Protection Regulation (GDPR).
Gary Brickhouse, CISO and vice president of governance, risk, and compliance at GuidePoint Security, tells CSO that, “In general, it’s an absolutely a great idea. It’s something that we’ve needed for years.”
Brickhouse thinks a federal law could ease companies’ burdens in tracking and implementing a welter of state and international privacy obligations. “It’s really hard to navigate the current landscape, especially because [it’s hard to answer whether], ‘Is this customer data from the state of California, or is it from Washington or Virginia or Maryland?’ So, to some degree, this constant juggling has to happen,” he says.
Read More HERE.