privacy

Artificial Intelligence, Privacy

BSA Testimony: Congress Can Craft Worthy Privacy Law by Drawing From Foundational Portions of State Laws

Congress should pursue a comprehensive federal privacy law worthy of preempting different states’ own privacy laws, Business Software Alliance (BSA) Managing Director of Policy Kate Goodloe said during a Senate Judiciary Subcommittee hearing on Wednesday. She urged lawmakers to draw from the 20 state privacy laws already enacted to consistently extend their protections nationwide.

“A federal privacy law should be worthy of preempting existing state laws—ensuring consumer privacy rights don’t vary based on where someone lives,” Goodloe said.

At the hearing, “Protecting the Virtual You: Safeguarding Americans’ Online Data,” Goodloe drove home the importance of extending privacy rights nationwide in a way that also builds on established and consistent features of existing state laws. Most notably, Goodloe stressed the essential distinction between controllers and processors of data, and tailoring responsibilities to each role. The distinction between controllers and processors, she said, reflects the modern economy and has formed the backbone of privacy laws worldwide for decades.

The existing approach in which states are acting on their own, she said, creates additional challenges.

“Adopting these changes on a state-by-state basis does not benefit consumers nationwide,” said Goodloe. “It creates confusion for consumers about how and when their rights apply and significant challenges for businesses trying to comply with an expanding set of state-level obligations.”

The hearing featured questions from Sens. Marsha Blackburn (R-TN), Adam Schiff (D-CA), and Amy Klobuchar (D-MN). Blackburn, who chairs the subcommittee, asked Goodloe about the intersection of artificial intelligence (AI) and privacy laws.

On the heels of BSA’s recent US AI Adoption Agenda, which outlined policies anchored in the adoption of AI and cloud technologies to fuel economic competitiveness, Goodloe stressed the need for any approach to AI have flexibility to accommodate changes in technology.

“It is important, as you look at these protections, to make sure they are flexible over time and to think through the uses that you want to apply to create the right set of safeguards,” Goodloe told the senators.

Privacy

From Today to 2030: A Vision for Data Privacy

What will data privacy look like by 2030? This article explores the path to simpler rules, global cooperation, and a digital economy that works for everyone. Read More >>

Artificial Intelligence, Privacy

A Legitimate Interest in AI Training

Privacy regulators worldwide are examining how existing privacy laws apply to companies that create and use AI systems. One key question regulators confront is why companies process personal data for AI-related activities — and if they do so for a reason recognized in their country’s privacy law, such as if it is based on consent, necessary to perform a contract or if the company has a legitimate interest in the activity. Read More >>

Artificial Intelligence, Cloud Computing, Cybersecurity, Data, Global Markets, Intellectual Property, Privacy, Procurement

BSA’s 2024 Year-in-Review

In 2024, BSA | The Software Alliance continued its work with policymakers worldwide with a focus on driving responsible artificial intelligence (AI), cybersecurity, data privacy, government procurement, and international data policy. Check out some of the highlights from our exciting year as we prepare for 2025. Read More >>

Artificial Intelligence

TRANSFORM Dialogue: Building Trust in the AI Era

During a featured panel at BSA’s TRANSFORM Dialogue, leaders in AI policy described how they are helping to build trust in this technology through business practices, partnerships, and regulations. Read More >>