Over the years, there have been more than a few attempts to pass a comprehensive, federal privacy law. The American Data Privacy and Protection Act (ADPPA) is emerging to have the strongest chance of success after being passed after the House Energy and Commerce Committee voted 53-2 in its favor. The vote followed the release of an amended version of the bill as well as proposed amendments that were made during the committee session. It now moves forward to the House of Representatives for a full floor vote.
Committee members said in a press release:
“Today’s vote has been years in the making and is a major step forward in our bipartisan effort to establish national data privacy protections for all Americans.
The American Data Privacy and Protection Act puts people back in control of their online data. It creates a strong national standard that will finally minimize the amount of Americans’ information companies are allowed to collect, process, and transfer. This will rein in Big Tech’s power and establish clear, robust protections for people, especially children […]”
What amendments were made to the ADPPA?
Prior to the Committee markup and vote, an amended version of the ADPPA was released, which included several changes to the original bill submitted.
One amendment that has seen a lot of attention has been around the private right of action provided to individuals. Whilst the prior version of the ADPPA provided for a grace period of four years before an action could be taken, the amended ADPPA shortened this to two years.
In addition, the California Privacy Protection Agency has been included as an authority which may enforce the ADPPA in the same manner as it would otherwise enforce the California Consumer Privacy Act.
Changes have also been made to several definitions, such as the inclusion of a definition of a covered algorithm as well as requirements associated with this, expansion of what is considered to be sensitive covered data, and a revised definition of employee data.
What’s next for the ADPPA?
There is still much to discuss about the ADPPA and what a finalized version might look like. Prior to the Committee vote, the California Attorney General, along with a coalition of others, sent a letter to Congress, urging it to establish a baseline of consumer privacy laws which do not pre-empt US states from responding with legislation intended to address changing technologies, similar to the model established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Committee members noted their optimism following the vote:
“We’re grateful to our colleagues on both sides of the aisle for their valuable contributions throughout the Committee process and look forward to continuing to work together to bring this national standard for privacy to the House floor soon.”
– Energy and Commerce Committee Chairman Frank Pallone, Jr. (D-NJ), full Committee Ranking Member Cathy McMorris Rodgers (R-WA), Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL), and Subcommittee Ranking Member Gus Bilirakis (R-FL)
To learn more about the ADPPA and US Privacy Law, visit OneTrust DataGuidance.