U.S. seeks input on privacy rules to protect consumer data

People look at data on their mobiles as background with internet wire cables on switch hub is projected in this picture illustration taken May 30, 2018. Picture taken May 30, 2018. REUTERS/Kacper Pempel/Illustration

By David Shepardson

WASHINGTON (Reuters) – The U.S. Commerce Department on Tuesday said it was seeking comments on how to set nationwide data privacy rules in the wake of tough new requirements adopted by the European Union and California this year.

The Senate Commerce Committee has scheduled a privacy hearing on Wednesday with major companies including Alphabet Inc, AT&T Inc, Apple Inc. This summer, the Trump administration held more than 50 meetings with tech companies, internet providers, privacy advocates and others.

Data privacy has become an increasingly important issue since massive breaches compromised the personal information of millions of U.S. internet and social media users, as well as breaches involving large retailers and credit reporting agency Equifax Inc.

Commerce’s National Telecommunications and Information Administration (NTIA) issued the request for comment after noting “a growing number of foreign countries, and some U.S. states, have articulated distinct visions for how to address privacy concerns, leading to a nationally and globally fragmented regulatory landscape.”

The administration said companies and other organizations that use consumer data should be transparent about how they use personal information, individuals should be able to exercise control over personal information and data use “should be reasonably minimized.”

David Redl, who heads NTIA, said “the Trump administration is beginning this conversation to solicit ideas on a path for adapting privacy to today’s data-driven world.”

The Internet Association, which represents more than 40 major internet and technology companies, said this month it backed modernizing data privacy rules but wants a national approach that would pre-empt new regulations in California that take effect in 2020.

California Governor Jerry Brown signed data privacy legislation in June aimed at giving consumers more control over how companies collect and manage their personal information, although it was not as stringent as new rules in Europe.

The European Union General Data Protection Regulation took effect in May, replacing the bloc’s patchwork of rules dating back to 1995.

Breaking privacy laws can now result in fines of up to 4 percent of global revenue or 20 million euros ($23.2 million), whichever is higher, as opposed to a few hundred thousand euros.

Also testifying Wednesday will be Twitter Inc, Amazon.com Inc and Charter Communications Inc to give them “an opportunity to explain their approaches to privacy,” said U.S. Senator John Thune.

Google on Monday said it backed “responsible, interoperable and adaptable data protection regulations” as it offered a list of principles.

(Reporting by David Shepardson; Editing by David Gregorio)