cross-posted from: https://lemmy.blahaj.zone/post/10889989

Big news in DC: a new bipartisan, bicameral proposal for a “compromise” federal privacy bill, the American Privacy Rights Act (APRA). At this point, take it all with a grain of salt; in 2022, the initial draft of the bill was promising, but it got weakened substantially by the subcommittee and then weakened further by the committee. I haven’t read the discussion draft yet so don’t have any strong opinions on it.

  • Gutless2615@ttrpg.network
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    9 months ago

    State preemption should make this dead on arrival. When California just passed a data broker deletion bill and now 16 states have passed comprehensive privacy laws of their own while congress has their collective insane thumbs up their asses, it seems fucking crazy to ensure that the only way privacy legislation of the future can happen is if congress gets their shit together.

    • The Nexus of Privacy@lemmy.blahaj.zoneOP
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      9 months ago

      Preemption is bonkers from a privacy perspective, and also flies in the face of the basic principle that the states are “the laboratories of democracy.” But from a corporate perspective preemption is wonderful … it keeps pesky pro-privacy states like California and Washington from ever raising the bar above whatever can get through Congress! So historically privacy advocates and organizations have always opposed preemptive federal legislation. But that wall cracked in 2022, where EPIC Privacy joined pro-industry privacy orgs like Future of Privacy Forum to support a preemptive bill (although EFF and ACLU continued to oppose the preemptive aspects).

      The argument for supporting a preemptive bill (not that I agree with it, I’m just relaying it) is that the federal bill is stronger than state privacy bills (California unsurprisingly disagreed), and many states won’t pass any privacy bill. Industry hates preemption, industry hates the idea of a private right of action where people can sue companies, most Republicans and corporate Democrats will do what industry wants, so the only way to pass a bill is to include at most one of those. So the only way to get that level of privacy protection for everybody is for people in California, Maine, Illinois, etc, to give up some of their existing protection, and for people in Washington etc to give up the chance of passing stronger consumer privacy laws in the future. California of course didn’t like that (neither did other states but California has a lot of votes in Congress), and Cantwell’s staffers also told us in Washington that she was opposed to any preemptive bill, so things deadlocked in 2022.

      With this bill, I’m not sure why Cantwell’s position has changed – we’re trying to set up a meeting with her, if we find out I’ll let you know. I’m also not sure whether the changes in this bill are enough to get California on board. So, we shall see.

    • Buelldozer@lemmy.today
      link
      fedilink
      arrow-up
      5
      arrow-down
      2
      ·
      edit-2
      9 months ago

      State preemption should make this dead on arrival.

      Huh, a wild “States Rights” argument appears! Are you SURE that’s what you want? It would certainly make Texas and other Red States pretty damn happy if their laws had supremacy over Federal ones.

      • Gutless2615@ttrpg.network
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        Floor not ceiling preemption is a thing. And last year TEXAS passed data broker registration bill. I do trust the Texas legislature to be more likely to be able to get stuff done into the future then congress.

      • Dupree878@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        I don’t understand why states can’t just have more stringent requirements and the federal one being the bare minimum