Privacy

Artificial Intelligence, Privacy

BSA Testimony: Congress Can Craft Worthy Privacy Law by Drawing From Foundational Portions of State Laws

Congress should pursue a comprehensive federal privacy law worthy of preempting different states’ own privacy laws, Business Software Alliance (BSA) Managing Director of Policy Kate Goodloe said during a Senate Judiciary Subcommittee hearing on Wednesday. She urged lawmakers to draw from the 20 state privacy laws already enacted to consistently extend their protections nationwide.

“A federal privacy law should be worthy of preempting existing state laws—ensuring consumer privacy rights don’t vary based on where someone lives,” Goodloe said.

At the hearing, “Protecting the Virtual You: Safeguarding Americans’ Online Data,” Goodloe drove home the importance of extending privacy rights nationwide in a way that also builds on established and consistent features of existing state laws. Most notably, Goodloe stressed the essential distinction between controllers and processors of data, and tailoring responsibilities to each role. The distinction between controllers and processors, she said, reflects the modern economy and has formed the backbone of privacy laws worldwide for decades.

The existing approach in which states are acting on their own, she said, creates additional challenges.

“Adopting these changes on a state-by-state basis does not benefit consumers nationwide,” said Goodloe. “It creates confusion for consumers about how and when their rights apply and significant challenges for businesses trying to comply with an expanding set of state-level obligations.”

The hearing featured questions from Sens. Marsha Blackburn (R-TN), Adam Schiff (D-CA), and Amy Klobuchar (D-MN). Blackburn, who chairs the subcommittee, asked Goodloe about the intersection of artificial intelligence (AI) and privacy laws.

On the heels of BSA’s recent US AI Adoption Agenda, which outlined policies anchored in the adoption of AI and cloud technologies to fuel economic competitiveness, Goodloe stressed the need for any approach to AI have flexibility to accommodate changes in technology.

“It is important, as you look at these protections, to make sure they are flexible over time and to think through the uses that you want to apply to create the right set of safeguards,” Goodloe told the senators.

Privacy

Seven Years of the CLOUD Act: How It’s Modernizing Access to Digital Evidence

As digital data continues to grow at an unprecedented rate, the laws governing storage, privacy, and law enforcement agencies’ ability to access digital information have become more critical than ever. The end of March marked the seventh anniversary of the Clarifying Lawful Overseas Use of Data (CLOUD) Act, which tackles these issues on a global … Read More >>

Artificial Intelligence, Privacy

How to Strengthen US Global Leadership in Tech Policy

We are at a critical time in the development of the policies that will determine how emerging technologies are developed and deployed; where those technologies will create the most jobs; and who will set the rules of the road. Enter the second Trump Administration, which is keenly aware of the importance of the moment and has a track record on which it can build. Read More >>

Privacy

From Today to 2030: A Vision for Data Privacy

What will data privacy look like by 2030? This article explores the path to simpler rules, global cooperation, and a digital economy that works for everyone. Read More >>

Artificial Intelligence, Privacy

A Legitimate Interest in AI Training

Privacy regulators worldwide are examining how existing privacy laws apply to companies that create and use AI systems. One key question regulators confront is why companies process personal data for AI-related activities — and if they do so for a reason recognized in their country’s privacy law, such as if it is based on consent, necessary to perform a contract or if the company has a legitimate interest in the activity. Read More >>