The U.S. Chamber of Commerce on Thursday released its set of legislative recommendations for Congress to consider if and when it tackles data privacy issues, and placed maximum emphasis on the ideas that “sensitive personal information” of individuals deserve the highest level of protection, and that state data privacy statutes should be preempted by new Federal law.
At the top line of legislative concerns, the Chamber endorsed the idea of Federal data security and breach notification rules as part of a larger “national privacy framework” that should include “risk-based” provisions to protect personal sensitive data. It also declared that “keeping this information secure is a top industry priority.”
Within the area of data security and breach notification, however, the Chamber argued that “security is different for individual businesses and one-size-fits-all approaches are not effective; therefore, companies should have flexibility in determining reasonable security practices.”
Not surprisingly given the organization’s pro-business bent, the Chamber called for Federal law to preempt state data security and breach notification requirements, saying that preemption would give consumers “consistent protections” and would cut compliance costs for businesses.