The intertwined issues of data privacy and security have never been more at the forefront of debate, both internationally and domestically. With the passage of the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA), it has become increasingly clear that legislators and regulators around the world are beginning to move in response to years of high-profile data breaches and lack of transparency in data usage.
The danger to the advertising industry in the years ahead will be the potential proliferation of fifty different state privacy and security statutes, each with its own unique compliance requirements. The 4A’s firmly believes that given the boundary-less nature of the Internet economy, data privacy and security must be legislated at the national level.
4A’s Exclusive Guidance On GDPR And CCPA
Federal Privacy Legislation And Regulation
The United States has traditionally approached privacy in what is known as a “sectoral” approach. What this means is that instead of one comprehensive privacy law to cover all industries, the United States has created different sets of privacy laws based on subject matter, i.e. healthcare, credit, education, etc. While that approach has set the rules of the road for privacy for decades, the recent explosion of the use of data by both business and government has increasingly made it clear that the old sectoral approach isn’t going to work going forward.
Privacy For America
Privacy For America is cross-industry initiative co-founded by the 4A’s. The goal of Privacy For America is to pass comprehensive federal privacy legislation with a strong set of baseline consumer protections, and the flexibility to evolve as technology evolves, without going back to the drawing board every time a new technology raises privacy concerns.
Recent developments around contact tracing in the wake of COVID-19 have opened-up a new avenue of conversation between industry and Congress as to how comprehensive federal privacy legislation could help address the privacy concerns that have surfaced.
To learn more about Privacy For America, including recent news: https://www.privacyforamerica.com/overview/
State Privacy Legislation And Regulation:
While states have long legislated and regulated in discrete areas of privacy, California’s passage of the California Consumer Privacy Act (CCPA) in 2018 was the first time a state passed comprehensive privacy legislation. This was significant for multiple reasons, not least of which was the obvious concern from many businesses that they California would just be the first state to do this. And in the years following 2018, that concern has provide to be valid. Many states have begun introducing their own versions of comprehensive privacy legislation, versions that vary greatly from California’s. The 4A’s continues to be a strong advocate of comprehensive federal privacy legislation, as the issue of privacy and data legislation can simply not be consistently effectuated on a state-by-state basis.
In addition to comprehensive privacy state legislation, many states have addressed privacy issues on multiple fronts in 2020. To see issues the 4A’s has worked on at the state level in 2020, see below.
- Letter To CA AG Xavier Becerra Requesting A Delay In CCPA Enforcement
- Letter To CA AG Xavier Becerra Requesting Meeting Regarding Proposed CCPA Regulations
- Letter To CA AG Xavier Becerra On Revised CCPA Regulations
- Joint Industry Letter Requesting A Delay In CCPA Enforcement
- Joint Comments On Second Set of Modifications To The Proposed CCPA Regulations
- Letter In Opposition To CA AB 2414