A US Senate subcommittee disclosed that it is preparing a draft of new legislation similar to GDPR for the United States. Senators Jerry Moran (Republican) and Richard Blumenthal (Democrat) are responsible for creating a bipartisan bill that will enshrine similar protections in the USA that GDPR has introduced in the EU.
Senator Blumenthal commented on the developments saying that it is necessary to have a systems of fines for data breaches. Early next year, the draft of the bill will be introduced that could grant the U.S. government the capability to issue civil penalties when an organization misuses consumer information or fails to prevent the theft of consumer information.
Last Tuesday, the Congressional subcommittee on Consumer protection, product safety, insurance, and data security argued the specifics of the legislation; however, there was no consensus on the terms of the bill. It was suggested that the FTC offer guidance and implement corrective penalties against businesses, groups or establishments that incorrectly use or fail to secure consumer information.
Under the EU’s GDPR that started to be enforced on May 25, 2018, companies can face a fine of €20 million or 4% of yearly global income for GDPR compliance failures. Some global companies such as Google, Twitter, Facebook and British Airways have already had to deal with GDPR complaints.
A GDPR-style bill in the US has a lot of support. Apple CEO Tim Cook stated in October that the rest of the world should follow the EU’s lead and that Apple will be in full support of a federal privacy law in the U.S.
The recommended data privacy laws are certain to meet considerable resistance from lobbyists and there’s no clarity yet with regards to the stance of large companies such as Microsoft, Facebook, Twitter and Google, as they all depend so much on gathering information from users of their services.
If your company has not yet reviewed or audited your information protection procedures, you need to make sure that you’re doing all that is possible to secure individuals’ privacy and be prepared for the passing of such legislation.