The chief executive officers (CEOs) of 51 tech companies have signed and sent an open letter to Congress leaders today, asking for a federal law on user data privacy to supersede the rising number of privacy laws that are cropping up at the state level.
The CEOs of Amazon, AT&T, Dell, IBM, Qualcomm, SAP, Salesforce, Visa, Mastercard, JP Morgan Chase, State Farm, and Walmart, are just some of the execs who put their name on the dotted line.
Problems at the state level
CEOs blamed a patchwork of differing privacy regulations that are currently being passed in multiple US states, and by several US agencies, as one of the reasons why consumer privacy is a mess in the US.
This patchwork of privacy regulations is creating problems for their companies, which have to comply with an ever-increasing number of laws across different states and jurisdictions.
Instead, the 51 CEOs would like one law that governs all user privacy and data protection across the US, which would simplify product design, compliance, and data management.
"There is now widespread agreement among companies across all sectors of the economy, policymakers and consumer groups about the need for a comprehensive federal consumer data privacy law that provides strong, consistent protections for American consumers," the open letter said.
However, many privacy advocates (and even some tech CEOs) believe tech companies aren't really looking after users' interests, but their own. There's a belief that companies are trying to aggregate any privacy lawmaking under one roof, where lobby groups can water-down any meaningful user protections that may impact bottom lines.
Many companies make money by selling customers' personal or device-usage data to online advertisers. A privacy framework with too many teeth could prevent companies from selling certain types of data.
To help speed up the legislative process, the Business Roundtable group released their own consumer privacy framework [more here] that they'd like Congress to analyze and use as a base for any future law. This proposal includes many of the same provisions of the EU's General Data Protection Regulation (GDPR); however, in very broad terms.
GAO go-ahead for a GDPR-like clone
Earlier this year, in February, the US Government Accountability Office (GAO), a US government auditing agency, gave Congress the go-ahead for passing a federal internet data privacy legislation to enhance consumer protections, similar to the EU's General Data Protection Regulation (GDPR).
GAO recommended that the FTC be placed in charge of enforcing any future user data privacy legislation across the US.