ARTICLE
24 February 2020

Senator Kirsten Gillibrand Introduces Bill To Establish Federal Data Protection Agency

CW
Cadwalader, Wickersham & Taft LLP

Contributor

Cadwalader, Wickersham & Taft LLP logo
Cadwalader, established in 1792, serves a diverse client base, including many of the world's leading financial institutions, funds and corporations. With offices in the United States and Europe, Cadwalader offers legal representation in antitrust, banking, corporate finance, corporate governance, executive compensation, financial restructuring, intellectual property, litigation, mergers and acquisitions, private equity, private wealth, real estate, regulation, securitization, structured finance, tax and white collar defense.
Explore Firm Details
United States Senator Kirsten Gillibrand (D-NY) introduced the "Data Protection Act of 2020."
United States Privacy
Joseph V. Moreno
Your Author LinkedIn Connections

United States Senator Kirsten Gillibrand (D-NY) introduced the "Data Protection Act of 2020." The bill would form a national Data Protection Agency ("DPA") designed to establish and enforce data privacy and cybersecurity practices.

Under the bill, the newly formed DPA would regulate companies' use of consumer personal data by limiting how it may be collected, disclosed and processed. Specifically, the DPA would:

  • act as an executive agency with a director appointed by the president and confirmed by the Senate for a five-year term;
  • receive consumer complaints and initial investigations of companies believed to have violated data privacy laws, with the power to issue subpoenas and seek fines and injunctive relief;
  • coordinate efforts with all federal departments and agencies to (i) enforce regulations regarding privacy or data protection, and (ii) eliminate inconsistencies among their operations, functions and jurisdictions;
  • oversee high-risk data practices by (i) requiring covered entities to conduct ex-ante impact assessments and ex-post outcomes, and (ii) examining certain impacts and proposing remedies; and
  • ensure that privacy practices (i) comply with fair information practices, (ii) implement fair contract terms in the market (e.g., prohibiting "pay-for-privacy provisions" and "take-it-or-leave-it" provisions within service agreements), and (iii) encourage techniques to minimize data.

Commentary Joseph Moreno

Senator Gillibrand's bill to establish a federal agency focused on data privacy is one of several recent legislative efforts to centralize that function, which currently is performed by the Federal Trade Commission. The fact that such legislation is even necessary is an acknowledgment that the United States lacks a national data privacy and data protection standard akin to the European Union's General Data Protection Regulation (GDPR), or a dedicated regulator to enforce it. Instead, states such as California and New York have taken the lead on various data privacy efforts, coupled with data breach laws now in effect in all fifty states. While the fact that 2020 is a presidential election year casts doubt on Congress' ability to enact significant legislation, Senator Gillibrand is to be commended on identifying and advocating for an issue whose time certainly has come.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Joseph V. Moreno
Joseph V. Moreno
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More