White House reportedly considers GDPR-like data protections
The Trump administration is talking to industry leaders about the possibility.
Online data privacy is a hot topic right now for a number of reasons. US residents and elected officials alike still have their eyes on Facebook as concerns continue to circulate over the policies that led to the Cambridge Analytica scandal. Further, more recent reports have revealed that the company shared data with a number of mobile device makers, sparking unease over what that means for consumers as well as national security. On the other side of the issue, Europe has now instituted its General Data Protection Regulation (GDPR), the most rigorous set of privacy laws to date. Now, it looks like US officials are interested in exploring some regulations of their own.
Axios reports that Gail Slater, special assistant to President Trump for tech, telecom and cyber policy at the White House National Economic Council, is looking into what sorts of regulations, if any, should and could be implemented in the country. According to Axios sources, she has met with the CEO of the Information Technology Industry Council, the trade group that represents companies like Apple, Google and Facebook, as well as members of the technology committee of The Business Roundtable, a lobbying group made up of US CEOs including Apple's Tim Cook, IBM's Virginia Rometty and Verizon's Lowell McAdam.
While it's still quite early in this process, these conversations could eventually lead to some sort of regulatory framework in the US. Axios sources say one possibility is an executive order directing the Commerce Department's National Institute of Standards and Technology to develop privacy standards. Another is a public-private partnership that could take on the issue.
It's likely that whatever US officials come up with, it won't be a copy of Europe's GDPR. Slater has already noted that while some parts of Europe's new laws -- like giving consumers more control over their online data -- are appealing, other stipulations, such as the "right to be forgotten" might not mesh with US laws. "We're talking through what, if anything, the administration could and should be doing," Slater said at a conference last month.
Following the Cambridge Analytica revelations, Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) introduced a privacy bill called the CONSENT Act while Senators Amy Klobuchar (D-MN) and John Kennedy (R-LA) followed suit with their Social Media Privacy and Consumer Rights Act shortly thereafter. Meanwhile, California is working on a Consumer Privacy Act, which a number of tech companies are opposing. Additionally, some US lawmakers have called on tech companies to work with them to develop adequate and effective legislation. "I'll be the first to acknowledge that if the tech companies leave it to policy makers in Washington alone to figure this out, we'll probably screw it up," Senator Mark Warner (D-VA) told CNET in April.
Update: The Information Technology Industry Council has told Engadget that Slater and CEO Dean Garfield spoke about GDPR implementation, the EU-US Privacy Shield framework and a Financial Times op-ed written by Secretary of Commerce Wilbur Ross on the potential effects GDPR might have on trade, but not specifically about US privacy regulations.
