Renewed calls for US data privacy law

Politicians in the States have received more calls to strengthen data privacy laws and align more with the GDPR.

Citing the damage done by the Facebook Cambridge Analytica scandal, the federal government’s chief auditor submitted a 56-page document to Congress last week.

In a statement, chairman of the House Energy and Commerce Committee, Frank Pallone Jr, said:

“Since I requested this report, the need for comprehensive data privacy and security legislation at the federal level has only become more apparent.

“From the Cambridge Analytica scandal to the unauthorised disclosures of real-time location data, consumers’ privacy is being violated online and offline in alarming and dangerous ways.”

The Government Accountability Office (GAO) in the US, which provides auditing, evaluation and investigation services for Congress, wants the Federal Trade Commission to have more power to enforce internet privacy. The suggestion comes after a discovery that of the 101 internet privacy enforcement actions filed by the FTC in the past ten years, no fines were issued due to lack of sufficient authority. Instead, nearly all cases resulted in negotiated settlements.

The GAO report said:

“Recent developments regarding Internet privacy suggest that this is an appropriate time for Congress to consider comprehensive Internet privacy legislation.

“Although FTC has been addressing Internet privacy through its unfair and deceptive practices authority, among other statutes, and other agencies have been addressing this issue using industry-specific statutes, there is no comprehensive federal privacy statute with specific standards.”

The report was presented to Congress following news that the FTC is in talks with Facebook to settle a multi-billion-dollar fine over an investigation into the social network’s data privacy behaviours. A final sum has not yet been determined.

The FTC began looking into Facebook after the Cambridge Analytica revelations, which may have put Mark Zuckerberg’s firm in violation of a 2011 pledge to the US government to tighten privacy.

More broadly, there is a growing support base among tech leaders in the US for a GDPR-style legislation. In October 2018, Apple boss Tim Cook praised the EU’s initiatives and told a data protection conference in Brussels that privacy should be considered “a human right.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.