September 26, 2018 / 7:16 PM / 8 months ago

Breakingviews - U.S. data privacy suffers from too many cooks

Len Cali, senior vice president for global public policy at AT&T, Andrew DeVore, vice president and associate general counsel at Amazon, Keith Enright, chief privacy officer at Google, Damien Kieran, global data protection officer and associate legal director at Twitter Inc., Guy (Bud) Tribble, vice president for software technology at Apple, and Rachel Welch, senior vice president for policy and external affairs at Charter Communications, testify before the Senate Commerce, Science and Transportation Committee on safeguards for consumer data privacy in Washington, U.S., September 26, 2018. REUTERS/Joshua Roberts

WASHINGTON (Reuters Breakingviews) - The United States could borrow some ideas from Europe on data privacy. Executives from Amazon, Apple and Alphabet unit Google, among others, told U.S. senators on Wednesday that a federal privacy law is needed to avoid fragmented state rules.

Under pressure, Silicon Valley is belatedly embracing national privacy standards. In June, California passed a law giving more power to consumers by allowing them to view data collected on them by large firms and to request its deletion. The European Union’s General Data Protection Regulation, which went into effect in May, forces companies to obtain a clear opt-in from consumers for permission to use personal data.

It’s partly in the hope of avoiding anything as strict that the tech giants are now speaking up. But a federal intervention could also head off growing administrative balkanization and complexity. The Senate hearing focused on the role of the Federal Trade Commission. Yet on Tuesday, the U.S. Commerce Department’s National Telecommunications and Information Administration issued a request for comment on how nationwide data-privacy rules should be developed.

There are still industry divisions too. Representatives came to the Senate hearing from the telecommunications and tech sectors, but companies outside those industries like Walmart, Procter & Gamble and McDonald’s also collect consumer data. The Gramm-Leach-Bliley Act, for instance, requires financial institutions to disclose data-sharing practices and to safeguard customer data. Yet the likes of Uber also handle financial information.

The U.S. healthcare industry has its own standard under the Health Insurance Portability and Accountability Act. But it does not apply to tech companies like Apple or Fitbit, which collect health data through wearable devices, unless or until they want to share information with healthcare providers.

Concerns about Europe’s new privacy regime include high compliance costs, but it does at least provide data protection for consumers with a single set of rules and a level playing field across industries, all of which are required to guard sensitive information. America’s lawmakers could get the ball rolling by cribbing the best parts of GDPR – and getting some of the cooks out of the U.S. data-privacy kitchen.


Reuters Breakingviews is the world's leading source of agenda-setting financial insight. As the Reuters brand for financial commentary, we dissect the big business and economic stories as they break around the world every day. A global team of about 30 correspondents in New York, London, Hong Kong and other major cities provides expert analysis in real time.

Sign up for a free trial of our full service at and follow us on Twitter @Breakingviews and at All opinions expressed are those of the authors.

0 : 0
  • narrow-browser-and-phone
  • medium-browser-and-portrait-tablet
  • landscape-tablet
  • medium-wide-browser
  • wide-browser-and-larger
  • medium-browser-and-landscape-tablet
  • medium-wide-browser-and-larger
  • above-phone
  • portrait-tablet-and-above
  • above-portrait-tablet
  • landscape-tablet-and-above
  • landscape-tablet-and-medium-wide-browser
  • portrait-tablet-and-below
  • landscape-tablet-and-below