Sen. Marco Rubio (R-FL) announced a new data privacy bill today, marking the first real push from Congress to regulate big tech companies in the new year. The bill, initially reported by Axios, does little to quell Democrats’ regulatory desires, and it would effectively remove individual states’ authorities to write their own, perhaps stricter, rules.
The bill is called the American Data Dissemination Act, and it would direct the Federal Trade Commission to write privacy rule recommendations for Congress, proposing a framework for companies like Facebook, Twitter, and Google. If Congress does not pass a bill within two years, the FTC would be able to write its own rules for companies, something the agency has been unable to do since the ‘70s. As of right now, the agency is only able to inflict penalties or pursue litigation as a method of enforcing already adopted privacy laws.
But the bill would also require any new rules to preempt stronger state laws, like California’s landmark consumer privacy act that was approved last year and is anticipated to go into effect in 2020. Industry groups have been calling for a preemption clause in any federal legislation, saying that one federal law would be easier for companies to navigate rather than being faced with a “patchwork” of state and federal rules.
“It is critical that we do not create a regulatory environment that entrenches big tech corporations,” Rubio said in a statement to Axios. “Congress must act, but it is even more important that Congress act responsibly to create a transparent, digital environment that maximizes consumer welfare over corporate welfare.”
Democrats have previously said that they would compromise with Republicans and be willing to approve legislation that preempts state laws so long as an overarching federal law covered enough regulatory ground on its own. However, Rubio’s new bill doesn’t give the FTC full rule-making authority, a prominent request from the minority, and it will likely face criticism from Democrats.