There’s growing consensus that something needs to be done about data privacy. But figuring out what should be done and who should be doing it is a lot more complicated.
Even a panel of like-minded Democrats with a firm grasp on tech can be divided on the issue. That was evident Wednesday at an event in Seattle where federal and state lawmakers clashed over which level of government should be responsible for protecting consumers online.
The Seattle Metro Chamber of Commerce hosted a privacy roundtable with U.S. Rep. Suzan DelBene, Washington State Sen. Reuven Carlyle, and State Rep. Zack Hudgins. In Washington’s last legislative session, Carlyle and Hudgins worked together on a privacy bill that seemed likely to pass until it was derailed by concerns over facial recognition and other issues. Carlyle plans to revive the bill next session.
DelBene is a former Microsoft executive with a long history of advocating on tech issues in the U.S. House of Representatives. She has introduced a federal privacy bill several times but it hasn’t advanced beyond the House.
Perhaps unsurprisingly, DelBene and Carlyle each argued that the governing body they belong to is the appropriate venue for regulating privacy. But the debate is much more than a turf war.
The feds case: U.S. lawmakers and tech companies are pushing for federal regulations because “most businesses aren’t operating within any one state jurisdiction,” DelBene said Wednesday. Proponents of the federal approach say compliance with a patchwork of state laws would be too burdensome and the U.S. needs a universal approach to regulating internet issues.
The state case: State legislators, like Carlyle, claim the privacy issue is too urgent to wait for a divided Congress to act. Privacy legislation is stagnating in D.C. He called states the “the laboratories of innovation,” explaining that local lawmakers are better-positioned to experiment with broad policymaking. “I think, under our Constitutional republic, that states are the right level to have a really serious effort at a rigorous policy framework,” Carlyle said.
Tech state unite? Last year the California legislature passed a law giving consumers more control over the data that companies collect about them. The law, which takes effect in 2020, is expected by some experts to set an operating standard across the U.S. because California is home to Silicon Valley. If Washington followed suit, privacy regulations would be in place in the homes of the nation’s most powerful tech companies. “I don’t think we should underestimate the impact of us as a state, as the home of Amazon and Microsoft,” Carlyle said.
Yes but: If enough states pass their own privacy laws, it could force the federal government to act. Federal laws can pre-empt state laws, which opens up the possibility that less expansive regulations become the law of the land across the country. “One of the concerns I have about federal action is that it’s very easy for it to have an element of preemption and yet set a very low floor,” Carlyle said.
Editor’s note: This story has been updated to correct Rep. Hudgins’ name.