Senator Maria Cantwell and Congresswoman Cathy McMorris Rodgers have introduced the American Privacy Rights Act, a bipartisan federal data protection measure in the United States. By restricting the capacity of giant tech companies to process, transmit, and sell such data, the law seeks to give US residents more control over their personal information. It also grants the FTC, individual states, and the ability to impose stricter cybersecurity rules to ensure that firms safeguard sensitive data from being compromised or stolen.
On April 7, 2024, the House and Senate Commerce Committee chairmen unveiled the draft legislation. The senators said that the pact concludes a lengthy endeavor by Congress to find a middle ground on data protection. In their view, this bicameral bill is the most excellent chance to create a uniform national data privacy and security norm that gives individuals agency over their own data. The bill’s authors said their proposed national privacy standard is “stronger” than what is now in place in any state’s law, and if passed, this claim would be legally binding. For example, it would make it easier for individuals to stop businesses from sharing or selling their personal information.
Furthermore, the law grants individuals the right to see their data and the option to turn off targeted advertising. It forbids businesses from imposing obligatory arbitration and gives Americans the right to sue “bad actors who violate their privacy rights.”
Some US states have recently enacted data privacy rules, including Utah, Virginia, Connecticut, and California. On April 6, 2024, the Maryland General Assembly passed the Online Data Privacy Act of 2024, which is identical to the one in Delaware. Nevertheless, firms operating worldwide have been burdened with extra work due to uneven state legislation in this area. They have had to design distinct, particular methods for relatively tiny user collections in various states.
According to Rodgers and Cantwell, their proposed law is the most excellent chance the United States has had in decades to create a uniform data privacy and security policy.