A senator has suggested that a US privacy law could be drafted early next year in the form of a bipartisan bill.

While there is as yet no consensus on the wording of such a bill, there is widespread agreement that some form of legislation is required …

NordVPN

Reuters reports that the remark was made by Senator Richard Blumenthal.

A much-anticipated bill that may give the U.S. government the ability to collect civil penalties if a company misuses consumer data on the internet or allows it to be stolen could be drafted early next year, a lawmaker said on Tuesday […]

Senator Richard Blumenthal, a Democrat, said at the hearing he hoped a draft would be finished “early in the session (next year).”

“I have been working with Sen. Moran on a bipartisan privacy bill that I hope will make very good progress very soon,” he said […]

Republican Senator Jerry Moran, chairman of the consumer protection, product safety, insurance and data security subcommittee, said although he supported privacy rules he was not sure about imposing civil penalties […]

Senator John Thune, who chairs the Commerce Committee, said his committee was also exploring privacy legislation but did not give details.

The push for a US privacy law follows the implementation of the world’s toughest legislation introduced in Europe earlier this year: the General Data Protection Regulation (GDPR). The standards set by the law are so high that even Apple had to make improvements to its privacy policies in order to comply.

Our own poll showed that 90% of 9to5Mac readers wanted to see US companies adopt GDPR privacy standards, and a recent large-scale survey showed the majority of the US population supports tech regulation.

Apple CEO Tim Cook has been pushing hard for a US privacy law, arguing last month that it needs to be rooted in four rights.

We at Apple are in full support of a comprehensive federal privacy law in the United States. There, and everywhere, it should be rooted in four essential rights: First, the right to have personal data minimized. Companies should challenge themselves to de-identify customer data—or not to collect it in the first place. Second, the right to knowledge. Users should always know what data is being collected and what it is being collected for. This is the only way to empower users to decide what collection is legitimate and what isn’t. Anything less is a sham. Third, the right to access. Companies should recognize that data belongs to users, and we should all make it easy for users to get a copy of…correct…and delete their personal data. And fourth, the right to security. Security is foundational to trust and all other privacy rights.

Europe’s GDPR law is far-reaching, but at its heart is based on another four key principles.

Cook explained in a recent interview that he has been somewhat reluctant in coming to the conclusion that a US privacy law is needed, but has recognized that letting the market decide has not proven effective.

Image: Shutterstock


Check out 9to5Mac on YouTube for more Apple news:

About the Author

Ben Lovejoy's favorite gear