New Federal Privacy Bill Unveiled

Efforts to get a federal privacy law on the books have been reignited with the bipartisan American Privacy Rights Act. House Committee on Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) announced the new federal privacy bill in an April 7^th press release.

The American Privacy Rights Act would establish national consumer data privacy rights and set standards for data security. The bill includes requirements on data minimization, opt-out rights, consumer rights to view, correct, export, or delete data, and privacy notices. Also included are restrictions for the use of covered data to discriminate against consumers and the requirement to provide consumers with the right to opt out of the use of algorithms for consequential decisions. If the bill becomes law, the Federal Trade Commission will be required to establish a data broker registry that any data broker with data of more than 5,000 people will have to register for annually. This section-by-section summary provides a breakdown of all the business requirements and consumer rights in the American Privacy Rights Act.

The bill would preempt state privacy laws that are already on the books, with some exceptions for consumer protections, civil rights, employee privacy, and others. Preemption was a point of contention with the American Data Privacy and Protection Act, a previous federal privacy bill that never reached a full House vote in 2022.

The American Privacy Rights Act authorizes enforcement by State Attorneys Generals and other officers of a State in Federal district court. It also includes a private right of action.

“This bipartisan, bicameral draft legislation is the best opportunity we’ve had in decades to establish a national data privacy and security standard that gives people the right to control their personal information,” said Chair Rodgers and Cantwell. “This landmark legislation represents the sum of years of good faith efforts in both the House and Senate. It strikes a meaningful balance on issues that are critical to moving comprehensive data privacy legislation through Congress. Americans deserve the right to control their data and we’re hopeful that our colleagues in the House and Senate will join us in getting this legislation signed into law.”

CompliancePoint will continue to monitor how the American Privacy Rights Act progresses through Congress. In the meantime, we have a team of privacy experts who can help your organization comply with the GDPR, CCPA, and all state privacy laws. Contact us at connect@compliancepoint.com to learn more about our services.