California, N.J. Urge House GOP Not to Preempt States on Privacy
Don't preempt state privacy laws, the California Privacy Protection Agency (CPPA) and New Jersey Attorney General Matthew Platkin (D) argued in comments to House Commerce Committee Republicans Monday as the lawmakers worked on drafting privacy legislation (see 2504070065).
Sign up for a free preview to unlock the rest of this article
“Existing federal privacy laws explicitly preserve states' abilities to adopt stronger protections for their residents,” said the CPPA, citing the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Fair Credit Reporting Act (FCRA), and Telephone Consumer Protection Act as examples. States “should remain vital testing grounds for creative approaches to emerging privacy concerns.”
However, the Entertainment Software Association argued for preemption of state privacy laws, federal regulator enforcement instead of private lawsuits and flexible standards for cybersecurity assessments. ESA called for narrow obligations regarding automated decision-making technology to facilitate the growth of AI technology.
Meanwhile, Internet Works called for the FTC to have primary enforcement authority, close alignment with the U.S.-EU Data Privacy Framework to enable cross-border data flows and safe harbor provisions for companies making “good-faith” compliance efforts. Internet Works members include Discord, Dropbox, eBay, Reddit, Roblox and Yelp.