- CEOs from some of the largest companies in the world — including Amazon, Walmart, Salesforce, IBM and AT&T — co-signed a letter to Congressional leadership calling for a comprehensive federal consumer data privacy law on Tuesday.
- "Consumer trust and confidence are essential to our business," the letter said, because of the intersection of consumer privacy and digital platforms for every kind of company. Without a federal law, the U.S.'s ability to maintain innovation and competition in the digital economy is "threatened."
- The CEOs, members of the Business Roundtable, issued a framework designed to avoid overlapping standards by calling on comprehensive rules that apply across industries.
While the Federal Trade Commission wrestles with Congress for greater authority, companies can use data as they see fit. This all unfolds as the U.S. remains behind Europe when it comes to data privacy laws.
The Roundtable is "united in our belief that consumers should have meaningful rights over their personal information," according to the letter. Having a consistent source of accountability under a federal law could deter any potential of data misuses.
CEOs banding together to craft a federal privacy bill will annul individual states' attempts at passing their versions of a data privacy law. California is the only state to pass a law closely resembling a comprehensive data privacy law.
Companies that collect data are "overwhelmed with the variation" of state laws, Ameesh Divatia, co-founder and CEO of data protection software company Baffle, told CIO Dive in an email.
Companies also face complications because compliance is required in accordance with where customers live.
A true comprehensive data privacy law has to answer these questions:
How is consumer data collected and used?
How is the data stored?
What are a company's ethics in terms of data collection?
What is the process for copying or deleting data upon verifiable request from consumers?
Having a law that can answer these questions will protect consumers and companies from potentially violating data trust. A patchwork of laws could frustrate companies operating across state lines.
Retail, financial services and healthcare businesses (all present in the letter) "are likely to fight the hardest" for a federal law, according to Divatia. Because these businesses are more likely to partner with third parties for collecting data, they potentially have more to lose in light of a breach.