Panelists representing small businesses advocated for Federal uniformity and preempt over state data privacy laws and against data protection regulations that would disproportionately burden smaller companies at a Senate Commerce, Science, and Transportation Committee Subcommittee on Manufacturing, Trade, and Consumer Protection hearing today.
Sens. Jerry Moran, R-Kan., chairman of the subcommittee, and Richard Blumenthal, D-Conn., opened the hearing by both arguing that the United States needs a clearly defined Federal data privacy law that protects consumers but does not hurt businesses–particularly small businesses, which could be impacted differently than larger corporations when faced with sweeping consumer data protection regulations.
The panelists who testified before the subcommittee all agreed that a Federal law should rule over state-level consumer data protection legislation, such as the California Consumer Privacy Act, since, they argued, small tech companies will have to navigate different hoops to remain compliant with each state’s laws.
“As other states follow suit and amend their privacy laws, tech companies will face countless and sometimes conflicting requirements,” KC Tech Council President Ryan Weber said. “This regulatory uncertainty is a huge concern and a threat to small and startup companies. A reasonable Federal data privacy law will stabilize this threat.”
The witnesses also stood in favor of having one entity–namely the Federal Trade Commission–enforce consistent national regulations while also requiring companies to be transparent with consumers. Furthermore, they said that consumers should have a greater stake in how companies use their data.
Despite the panelists’ consensus on what they would like to see in Federal legislation, they also argued that small businesses might struggle more than larger companies when regulations are instated, especially since small businesses typically don’t have the resources to have in-house cyber or information technology teams.
As larger tech companies continue to push for national consumer data protection legislation that accommodates them then, consumer advocates fear their concerns may be compromised.
“Privacy law can be written to illegitimately favor big companies, and we are seeing some concrete efforts to do that,” said Justin Brookman, director of privacy and technology for Consumer Reports.
Brookman added that Federal legislation could accommodate small businesses concerns with adjusted regulation requirements.
“Maybe access and deletion requirements or certain disclosure obligations shouldn’t apply to smaller businesses,” Brookman said. “But not everything–a prohibition on selling data or a need to use reasonable security should always apply.”