As California moves ahead with what would be the most restrictive online privacy laws in the nation, the chief executives of some of the nation’s largest companies are taking their case to the nation’s capitol to plead for federal regulation.
Chief executives at Amazon, AT&T, Dell, Ford, IBM, Qualcomm, Walmart and other leading financial services, manufacturing and technology companies have issued an open letter to congressional leadership pleading with them to take action on online privacy, through the pro-industry organization, The Business Roundtable.
“Now is the time for Congress to act and ensure that consumers are not faced with confusion about their rights and protections based on a patchwork of inconsistent state laws. Further, as the regulatory landscape becomes increasingly fragmented and more complex, U.S. innovation and global competitiveness in the digital economy are threatened,” the letter says.
The subtext to this call to action is the California privacy regulations that are set to take effect by the end of this year.
As we noted when the bill was passed last year there are a few key components of the California legislation, including the following requirements:
Businesses must disclose what information they collect, what business purpose they do so for and any third parties they share that data with.
Businesses would be required to comply with official consumer requests to delete that data.
Consumers can opt out of their data being sold, and businesses can’t retaliate by changing the price or level of service.
Businesses can, however, offer “financial incentives” for being allowed to collect data.
California authorities are empowered to fine companies for violations.
There’s a reason why companies would push for federal regulation to supersede any initiatives from the states. It is more of a challenge for companies to adhere to a patchwork of different regulatory regimes at the state level. But it’s also true that companies, following the lead of automakers in California, could just adhere to the most stringent requirements, which would clarify any confusion.
Indeed, many of these companies are already complying with strict privacy regulations thanks to the passage of the GDPR in Europe.