Lawmakers Set the Stage for the Privacy Debate

Lightspring/Shutterstock.com

Congress also took up bills to upgrade the power grid, combat Chinese tech threats and punish robocallers.

Republican lawmakers are taking their first stab at drafting privacy regulations, or at least pushing enforcement agencies to build a framework for them to follow.

Sen. Marco Rubio, R-Fla., on Wednesday introduced legislation that would give the Federal Trade Commission six months to make recommendations for a “comprehensive” federal privacy law. One year later, the agency would be required to draft and publish specific regulations it believes that law should include. If Congress doesn’t act on the FTC’s recommendations within two years, the bill would give agency the authority to enact their proposed regulations.

The American Data Dissemination Act would instruct the FTC to model its proposals after the Privacy Act of 1974, which limits federal agencies’ ability to collect data on citizens. Such an approach would address consumer privacy while “balanc[ing] the need to protect the innovative capabilities of the digital economy,” Rubio said in a statement.

But because the Privacy Act centers largely on data collection and disclosure, experts fear this bill would create to a framework that ignores problems with how companies use consumer data.

Another Privacy Possibility

Sens. Amy Klobuchar, D-Minn., and John Kennedy, R-La., introduced their own bipartisan privacy proposal that aims to give consumers greater control over their personal data.

The Social Media Privacy and Consumer Rights Act would give people the universal right to opt-out of online data collection and require companies to rewrite terms of service in understandable language. The bill would also force companies to notify consumers of data breaches within three days and give people the ability to see what data is being collected and shared about them.

“I don’t want to regulate Facebook or any private social media company, but these platforms continue to compromise their users’ private data,” Kennedy said in a statement. “Our legislation reinforces data privacy standards and requires these companies to be transparent with how they are using our private information.”

From China With Sanctions

A quartet of lawmakers on Friday introduced bipartisan legislation that would strengthen the government’s response to international technology theft and supply chain risks posed by global powers like China.

The bill, sponsored by Reps. Will Hurd, R-Texas, Dutch Ruppersberger, D-Md., Mike Conaway, R-Texas, and Jim Himes, D-Conn., would stand up a group within the White House to coordinate agencies’ efforts to protect the U.S. tech sector. The Office of Critical Technologies and Security would also be charged with creating a governmentwide strategy to combat state-sponsored technology threats.

The bill comes as the House counterpart to legislation proposed by Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla.

Hurd’s New Assignment

Rep. Will Hurd, R-Texas, was named to the House Appropriations Committee. As former chairman of the House Oversight IT subcommittee, Hurd monitored agencies’ efforts to comply with FITARA and adopt new technologies like artificial intelligence. As he and the group’s former ranking member Robin Kelly, D-Ill., settle into high-profile posts on separate committees, it’s unclear who will take over the IT subcommittee—or if the group will continue in the 116th Congress at all.

Play It Again, Sam

With the 116th Congress well underway, lawmakers are giving numerous bills that died last session another shot at the president’s desk. Here’s the quick and dirty:

Sens. Jim Risch, R-Idaho, and Angus King, I-Maine, on Thursday reintroduced a bill that would push the government to explore new ways to secure the electric grid against cyberattacks. The Securing Energy Infrastructure Act would require the national laboratories to conduct a two-year pilot program to develop tech that isolates critical grid components from cyber threats and stand up a working group of agencies and industry experts to evaluate the tools. The bill unanimously passed the Senate in December but was never put to a vote in the House.

Also on Thursday, Sens. John Thune, R-S.D., and Ed Markey, D-Mass., renewed their call to increase punishments for people running robocall scams. The Telephone Robocall Abuse Criminal Enforcement and Deterrence, or TRACED, Act would give the Federal Communications Commission more legal leeway to pursue and prosecute robocallers. Under the bill, telecom companies would also need to adopt tools to sift out robocalls.

The Federal CIO Authorization Act, which Reps. Will Hurd, R-Texas, and Robin Kelly, D-Ill., reintroduced on Jan. 4, passed the House unanimously on Tuesday. The bill would elevate the federal chief information officer within the White House chain of command and designate both the federal CIO and federal chief information security officer as presidentially appointed positions. The measure still lacks a Senate counterpart.

Surveillance Shaming

Republicans on the House Energy and Commerce Committee are demanding wireless providers detail their data collection and sharing practices after a Motherboard report showed it’s possible to buy people’s real-time location data.

On Wednesday, lawmakers sent letters to Verizon, T-Mobile, Sprint and AT&T asking for information on the companies’ data sharing partnerships with third-party aggregators. They also requested Zumingo and Microbilt, third party data aggregators which were cited in the report, to disclose how the data they receive is aggregated and used.

“We are deeply troubled because it is not the first time we have received reports and information about the sharing of mobile users’ location information involving a number of parties who may have misused personally identifiable information,” Reps. Greg Walden, R-Ore., Cathy McMorris Rodgers, R-Wash., Robert Latta, R-Ohio, and Brett Guthrie, R-Ken., wrote in the letters. Companies have until Jan. 30 to respond.