Intel has produced what it bills as its third and final draft of proposed national privacy legislation, which was released May 25 to coincide with the one-year anniversary of the EU's General Data Protection Regulation Regime.
The first version was released Nov. 8, 2018, and an updated version released Jan. 28.
That came after Congress made it clear that there was bipartisan will for some kind of privacy legislation in the face of a series of data breaches, suspect third-party data sharing, and more.
The bill's avowed goal is to create "nationwide standards governing the collection, use and sharing of personal data."
Two key changes in take three of the bill is "clearer" guidance on what explicit consent means in terms of limiting the use of information and language giving the Federal Trade Commission independent litigating authority to provide "robust, harmonized and predictable enforcement with less political interference."
The bill would create a safe harbor from penalties for companies that self-certified they were in compliance, and would preempt state and local efforts to regulate personal data collection and processing.
"The year one anniversary of GDPR provides clear guidance for what the United States should and should not do to address the public’s concerns about data privacy," blogged David Hoffman, Intel associate general counsel and global privacy officer. "Intel’s proposal is not a copy of GDPR, but it does share the goal of strong enforcement with it. The Intel draft is a law tailored for the U.S.’s unique history and ethos of entrepreneurship and innovation, but it does learn from some of the main lessons from GDPR. We hope in turn that European regulators will learn from the Intel draft, as they look to further implement and hone GDPR."
"At this pivotal point in the privacy continuum, Congress must focus on three key things," said Adonis Hoffman, chairman of Business in the Public Interest and a former top FCC staffer. "First, it must act soon as the 2020 presidential primaries will soon be in full swing. Second, federal preemption of state laws should be a central provision of any legislation, primarily because a patchwork of different state laws is commercially infeasible, impractical and expensive. And third, a strong bill should incorporate elements of transparency, control, data security, and legal recourse for consumers. It must balance consumer protection with reasonable commercial practices, including third-party data usage -- not an easy task."