The State of State Privacy: Jake Morabito Breaks Down the Push for Federal Consumer Data Privacy Standards
It is going to be so important, again, as we’re talking about what a national AI framework is going to look like.
ALEC Senior Director of Policy Jake Morabito recently spoke at a policy event hosted by the Information Technology & Innovation Foundation on the state of state consumer data privacy legislation, and the implications of state policy as Congress pursues a uniform national privacy standard.
In his remarks, Morabito pointed to three ALEC model policies—the Principles on Online Privacy, the model Resolution for a Single Federal Standard for Consumer Privacy, and the model Resolution Opposing the Imposition or Expansion of Digital Trade Barriers—as a foundation for state legislators to ensure their constituents have access to meaningful privacy protections while avoiding the unintended consequences of the California Consumer Privacy Act or the Illinois Biometric Information Privacy Act.
Watch the full event recording here and see below for key highlights from the event:
————
On recent trends in state privacy legislation:
“There are about seven states this session that are working on privacy right now […] Something I have observed as far as trends is that you did have—I believe it was Maryland—pursue a different approach, focusing more on data minimization, and again diverging a little more from the [notice and consent model] that states were picking up. And I think, absent a federal solution, you want a lot of these state bills to harmonize.
“Several New England states, like Maine, Massachusetts, and some others, are kind of trying to follow that Maryland footprint. We talk a lot about a patchwork, but you might even get to a point where it becomes kind of mutually exclusive, where complying with one [law] may not result in compliance with another.”
On the impacts state privacy laws have on businesses and consumers:
“Something that I’ve observed is that, a lot of times, not only with privacy but some of these other tech bills, they are framed as pushing back against ‘Big Tech’ […] But oftentimes, it is normal, retail businesses or mom-and-pop businesses that are most directly impacted by this.”
On the need for a federal standard:
“Hopefully, a federal fix would truly harmonize the law […] The FTC, under the previous administration, was trying to usurp some of that privacy authority through the rulemaking process. That absolutely should be Congress driving that in legislation.
“It is going to be so important, again, as we’re talking about what a national AI framework is going to look like, what’s a national kids’ safety framework going to look like. It doesn’t make sense for me to do those two things without also doing privacy, and hopefully doing privacy first.”
On digital trade:
“Recognizing this continues to be an issue, we developed a model resolution for state legislators opposing the imposition or expansion of digital trade barriers, making some key points about how hindering cross-border data flows, you know, ultimately it is small and medium-sized businesses back home that are hurt by those measures.
“States can put pressure on the administration to make sure strong open data policies and smart cross-border data policies are in place.”