Many have tried, all have failed. But there is a new attempt at establishing a comprehensive US federal privacy law on the horizon. On November 3, 2021, the Republican Energy & Commerce Committee introduced the Control Our Data Act, a comprehensive draft privacy bill to establish national standards for protecting consumers’ data privacy and security in the US.
The draft bill will be guided by four core principles which aim to promote innovation, increase transparency and accountability, and set clear rules for protecting consumers’ data privacy. The draft bill also makes an important distinction between large entities and small to mid-sized entities (SMEs) which aims to protect smaller businesses from undue regulatory burdens, while also introducing stricter requirements for organizations that handle greater quantities of personal information.
Several aspects of the draft bill have a close resemblance to the GDPR including Privacy by Design and risk assessment requirements. The draft bill also includes provisions for the establishment of the Bureau of Consumer Privacy Protection and Data Security. The Bureau will be charged with administering and enforcing data privacy and security laws as well as educating consumers of their rights and providing guidance for organizations.
There are four principles for the draft bill that are set out in order to guide the development of the Energy & Commerce Committee’s national privacy framework to protect innovation and data privacy in America.
The Energy & Commerce Committee’s draft bill makes an important differentiation between larger entities and SMEs to safeguard innovation in small businesses.
The draft bill outlines the following definitions:
Small to Mid-Sized Entity
Members of the Consumer Protection and Commerce Subcommittee will continue to lead the development of the draft bill with each member focusing on specific areas of the framework, including:
As with previous attempts to introduce a federal privacy law in the US, it remains to be seen whether there will be buy-in from both sides of the House to allow this draft bill to move forward. You can stay up to date with all the latest developments on the Energy & Commerce Committee’s draft privacy bill and other news related to federal privacy laws in the US through OneTrust DataGuidance Regulatory Research software. Sign up for a free trial to get started today.