The United States is seen throughout the world as a leader in technology. With major players growing from small start-ups to international household names. Despite such growth in the world of technology right in our backyards, the U.S. is also seen as lacking when it comes to regulating the implications of such technologies on our personal data.

Historically the U.S. has put into place regulations which have protected personal data in certain areas but a comprehensive federal data protection regulation has yet to be put into place.

Hope that this will change came this month as two committee chairs introduced a new federal data privacy bill.

A new data privacy legislation has been released for discussion

On April 5, 2024, the draft of the American Privacy Rights Act, a bipartisan bicameral federal privacy bill, was released. U.S. House Committee on Energy and Commerce Chair Cathy McMorris Rodgers, R-Wash., and Sen. Maria Cantwell, D-Wash., chair of the Senate Committee on Commerce, Science and Transportation released the newly drafted legislation and stated in a press release:

„This bipartisan, bicameral draft legislation is the best opportunity we’ve had in decades to establish a national data privacy and security standard that gives people the right to control their personal information. It strikes a meaningful balance on issues that are critical to moving comprehensive data privacy legislation through Congress.“

The new legislation will give Americans the right to better control their personal data by prohibiting tracking, predicting, and manipulating people’s behaviors for profit without knowledge and consent. Individuals should be able to obtain recourse for violations to their personal privacy through a federal avenue, no matter their state of residency.

The American Privacy Rights Act would preempt the state data protection laws and make it easier for individuals to know and exercise their rights. The act also facilitates companies’ compliance with data protection regulations.

The current data protection landscape in the U.S.

Up to now, data protection in the U.S. has been a piecemeal of regulation. Starting with the U.S Constitution all the way through the last state data privacy law. Each piece of regulation covers a portion of privacy or a portion of the population, but never everything for everyone.

17 states have enacted privacy laws, some with effective dates first scheduled for 2026. 18 additional states have laws in different stages of the legislative process. At a legislative hearing, on April 17, 2024, concerning data privacy proposals, GOP Rep. Gus Bilirakis of Florida, the subcommittee’s chair, stated the following in his opening remarks:

„One national standard would preempt the patchwork of state laws, so when consumers and businesses cross state lines, there are consistent rights, protections and obligations.“

As the American Privacy Rights Act goes through the legislative process there is hope that a new chapter in the U.S. data privacy story will begin.