51 tech company CEOs today signed and sent an open letter to Congress asking for help to hold off and supersede the rising number of state privacy laws growing like weeds. The letter was sent on behalf of the Business Roundtable, a group that has sent its own “Framework for Consumer Privacy Legislation” to Congress as a “jumpstart.” The proposal incorporates many of the same provisions as the GDPR, but in very broad terms. For example, the framework defines “personal data” as “data that is held by the organization and identifies or is identifiable to a natural, individual person.” This definition is far narrower than that in Article 4 of the GDPR, Section 1798.140 (o)(1) of the California Consumer Privacy Act, or indeed, under many state data breach notification laws.
The CEOs of Amazon, AT&T, Dell, IBM, Qualcomm, SAP, Salesforce, VISA, Mastercard, JP Morgan Chase, and Walmart are just some of the signatories to the letter. The CEOs blame a patchwork of differing privacy regulations at the state level, and within several US agencies creating compliance problems and increased costs for the companies.
“There is now widespread agreement among companies across all sectors of the economy, policymakers and consumer groups about the need for a comprehensive federal consumer data privacy law that provides strong consistent protections for American consumers.”