One bone of contention is whether Congress should preempt existing state laws, handing more power to the Federal Trade Commission. As ZDNet notes, while parties on all sides of the issue seem to agree on the need for some action, Democrats have shown wariness about a national law that might weaken the state measures already in place.
The House Energy and Commerce Consumer Protection Subcommittee heard testimony on the issue on February 26. The Senate Commerce, Science and Transportation Committee followed a day later.
As Law.com reports, legislators and stakeholders largely dismissed Europe’s General Data Protection Regulation and the California Consumer Privacy Act as templates for new federal laws. But some argued that certain principles undergirding the GDPR and CCPA need to be enacted at a national level.
The CCPA, when it takes effect on January 1, will force business to allow people to opt out of having their data sold. Companies will also be required to delete a person’s data on request. New York and Washington state have also proposed bills that would expand individuals’ data-privacy rights.
Separately, Sen. Mark Warner (D-Va.) sent a letter recently to a number of big healthcare organizations requesting information on how they’re handling cybersecurity, The Hill reports. He also asked how the federal government could help.
The newly seated Congress has already seen a few dozen bills introduced that would affect information security, reports CSO. The legislation centers around five key areas: critical infrastructure, cybersecurity human-resources development, supply chain cybersecurity, election cybersecurity and “bug bounties.”
Election cybersecurity, for its part, has already become a major issue on the campaign trail among Democratic presidential hopefuls, The Washington Post reports. Candidates addressing the issue so far have included Senators Kamala Harris of California and Amy Klobuchar of Minnesota.