The draft bipartisan data privacy bill is largely built on the framework of Cantwell’s bill with key differences.
Senate Commerce, Science, and Transportation Committee Chair Maria Cantwell (D-WA) is not on board with the discussion draft titled “American Data Privacy and Protection Act” (ADPPA) even though House Energy and Commerce Committee Chair Frank Pallone Jr (D-NJ), Ranking Member Cathy McMorris Rodgers (R-WA), and Senate Commerce, Science, and Transportation Committee Ranking Member Rocker Wicker (R-MS) used the structure of her “Consumer Online Privacy Rights Act“ (COPRA) (S.3195), she did not join them.
Without Cantwell’s support, Pallone, Rodgers, and Wicker will find it very difficult to pass data privacy legislation given that she controls the agenda for the committee of jurisdiction in the Senate. This is not to say that chairs cannot be bypassed, but it is a rare occurrence. Therefore, Cantwell will hold some sway over what a final data privacy bill will do. As mentioned yesterday, she has made public remarks signaling her acceptance of federal preemption of state privacy laws, a matter made easier for her in light of Washington state’s successive failures to enact a state-wide bill in recent years. Additionally, her comments suggest she opposes the four year wait in ADPPA for a private right of action and will insist that people be permitted to sue sooner after enactment, perhaps 18-24 months sooner.
A more significant sticking point is her insistence that U.S. residents be allowed to sue in the event there is “significant harm,” a concept from COPRA, her data privacy bill. Judging from ADPPA, this concept seems out of play and something that Pallone and other Democratic stakeholders were willing to give way on in the name of reaching agreement on a bill. Another flashpoint is Cantwell’s insistence that the duty of loyalty in ADPPA be more robust and along the lines of the duty of loyalty in COPRA. The “duty of loyalty” in ADPPA is a wan version of what Cantwell and three of her Democratic colleagues proposed. Moreover, given that Cantwell and the Democrats just pushed a bill through committee to restore Section 13(b) of the FTC Act, she will almost certainly press to have this included in any data privacy bill.
Before this piece turns to the substance of COPRA vs. ADPPA, it is useful to recall the history of the former. In late 2019, Cantwell was the ranking member of the committee she now chairs, and she and Wicker released contemporaneous data privacy bills that bore notable similarities but also notable differences. Neither bill saw the light of a markup, and her role and Wicker’s roles switched with the flipping of the Senate in the 2020 election. There were bipartisan talks behind the scenes and positive, hopeful remarks made at committee hearings on the subject. However, a compromise bill did not appear to be close, and Cantwell, Wicker, and others issued a number of bills. Wicker revised and released his “Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA) Act” (S.2499) (see here for more detail and analysis.) As mentioned, later in 2021, Cantwell did the same with COPRA (see here for analysis and detail on the first iteration that is almost the same as the revised bill.)
And, here are developments and articles from last month. Being subscribed would mean getting these in a more timely fashion.
The United Kingdom’s (UK) Information Commissioner’s Office (ICO) published a “Best interests of the child self-assessment” for online services designers and developers to better comply with the UK’s Age appropriate design code.
The United States (U.S.) Department of Defense Cyber Crime Center (DC3) announced the end of the Defense Industrial Base-Vulnerability Disclosure Program (DIB-VDP) Pilot with 401 vulnerability reports “validated as actionable reports for remediation by the DIB system owners.”
New Australian Competition & Consumer Commission (ACCC) Chair Gina Cass-Gottlieb made a speech on “the importance of international co-operation between competition agencies and…[the] three areas of the ACCC’s work in which this cooperation is proving critical: digital platforms; mergers, and…our recently announced enforcement priorities, which include a focus on anti-competitive conduct in global supply chains.”
United States (U.S.) President Joe Biden signed an executive order and a national security memorandum “that will advance national initiatives in quantum information science (QIS), signaling the Biden-Harris Administration’s commitment to this critical and emerging technology…[and] lay the groundwork for continued American leadership in an enormously promising field of science and technology, while mitigating the risks that quantum computers pose to America’s national and economic security.”
The United Kingdom’s (UK) Digital Regulation Cooperation Forum (DRCF) (the Competition and Markets Authority, Financial Conduct Authority, Information Commissioner’s Office, and Office of Communications) published “its annual report, its workplan for the year ahead and two papers on algorithms with a call for comments.”
The United States (U.S.) Federal Communications Commission (FCC) “announced that it is ready to authorize $199,336,695 through the Rural Digital Opportunity Fund to fund new broadband deployments in 26 states and the Northern Mariana Islands bringing service to over 230,000 locations…the ninth round of program funding since July 2021, when the Commission announced the first approvals for applicant bids meeting the stringent requirements that Chairwoman Rosenworcel put in place to ensure the integrity of the program, which draws on funding in the high-cost universal service program.”
United States (U.S.) Senator Marco Rubio (R-FL) wrote Federal Communications Commission (FCC) Chair Jessica Rosenworcel “requesting the FCC to ensure dangerous Chinese telecommunications firms present in the U.S. are unable to evade restrictions and impair American national security.”
The United States Department of Homeland Security (DHS) Office of Inspector General (OIG) found that DHS “did not adequately follow its internal processes and comply with applicable Intelligence Community policy standards and requirements when editing and disseminating an Office of Intelligence and Analysis (I&A) intelligence product regarding Russian interference in the 2020 U.S. Presidential election.”
The Network Advertising Initiative (NAI), an industry trade group, published guidance titled “Best Practices User Choice and Transparency” “intended to help member companies better understand the practice of dark patterns and to implement the highlighted best practices to avoid them.”
The United Kingdom’s (UK) Department for Digital, Culture, Media & Sport published a white paper that “sets out the government’s vision for the broadcasting sector, and the steps we are taking to support our system of public service broadcasting.”
United States (U.S.) Senators Shelley Moore Capito (R-WV) and Amy Klobuchar (D-MN) “introduced the “Rural Broadband Protection Act” (S.4126), which would require a more thorough vetting and verification process for internet service providers seeking to participate in the Federal Communications Commission's (FCC) high-cost programs.”
The United States (U.S.) Department of Energy (DOE) announced “$3.1 billion in funding from President Biden’s Bipartisan Infrastructure Law to make more batteries and components in America, bolster domestic supply chains, create good-paying jobs, and help lower costs for families.”
Tweet of the Day
“The Amazonification of the American workforce” By Jason Del Ray — Vox
“Amazon could stymie unions for years by going to the courts” By Gerrit De Vynck and Rachel Lerman — Washington Post
“Global Chip Shortage’s Latest Worry: Too Few Chips for Chip-Making” By Asa Fitch — Wall Street Journal
“As grisly images spread from Ukraine, open-source researchers ask what’s too gory to share” By Leo Schwartz — Rest of the World
“Ukraine’s Online Volunteers Go After Russian Targets” By Justin Ling — Foreign Policy
“Google urges court to scrap $1.6 billion EU antitrust fine” By Foo Yun Chee — Reuters
“eSafety commissioner cautions basing tech policy on moral panic” By Anna Macdonald — The Mandarin
“Apple's closed world draws new fire” By Ina Fried and Ashley Gold — Axios
“CDC Tracked Millions of Phones to See If Americans Followed COVID Lockdown Orders” by Joseph Cox — Vice
“Facebook’s E-Commerce Bet Stumbles as Meta Looks to Revamp Its Ads Business” By Salvador Rodriguez and Charity Scott — Wall Street Journal
“‘We just wanted to play chess’: Russia blocks access to Chess.com” By Masha Borak — Rest of the World
“FAA wants U.S. airlines to retrofit, replace radio altimeters” By David Shepardson — Reuters
“Study: How Amazon uses Echo smart speaker conversations to target ads” By Thomas Claburn — The Register
“Apple lawsuit says 'stealth' startup Rivos poached engineers to steal secrets” By Blake Brittain — Reuters