Executives from some of the biggest tech companies were questioned by the Senate on Wednesday (September 26) on consumer privacy.
According to The Street, execs from Apple, Amazon, Alphabet, Twitter, AT&T and Charter Communications were called by the Senate Committee on Commerce, Science and Transportation to participate in testimony on crafting a federal privacy law, and how it could influenced by existing privacy laws such as Europe’s GDPR or California’s consumer privacy law.
While the executives agreed that a federal privacy law is necessary, they disagreed on issues such as how it should be created and enforced. There were also warnings that a “patchwork” of privacy laws across various states would hurt businesses, as well as concerns that compliance costs could also do harm.
But Dimitri Sirota, CEO of BigID, a data privacy firm that helps enterprises with GDPR compliance, isn’t convinced that compliance with U.S. privacy laws would place undue burdens on these huge companies.
“Compliance cost is a deflection in some regards. In a global economy, companies already have to comply to meet GDPR. The marginal cost to extend to the U.S. is minimal,” said Sirota. “The greater concern is possible liability, but the companies arguing this are missing the forest for the trees. People want transparency and accountability in how organizations manage their data.”
And Eve Maler of ForgeRock, a digital ID management firm, thinks that states might pass their own privacy laws before a national law is implemented.
“I believe we're going to see more states, like California, rolling out regulations before we see legislation at the federal level,” she said. “In terms of a U.S.-wide adoption of privacy laws, there are upsides if we can achieve elements of what we would call a ‘digital single market,’ similar to what GDPR is striving for in the EU. This hearing may be able to start the march toward that end goal.”