Six years seems like a century in tech policy. While there is now a growing consensus among the tech industry, regulatory advocates, and policymakers on the need for comprehensive privacy legislation, a blueprint proposed in President Barack Obama's 2012 Consumer Privacy Bill of Rights proved unsuccessful. Had Congress taken up legislation in 2012, it may have forestalled the egregious regulations the EU and California adopted.
Representatives from AT&T, Amazon, Google, Twitter, Apple, and Charter Communications testify before the Senate Commerce, Science and Transportation Committee in Washington, DC, September 26, 2018. via REUTERS.
In any case, the principles agreed on today generally align with those proposed in 2012. They're hardly controversial: individual control, transparency, security, accountability, and strengthened enforcement at the Federal Trade Commission (FTC). The 2012 proposal supported using multi-stakeholder processes to develop enforceable codes of conduct through Section 5 of the FTC Act and global interoperability. Importantly, the Obama administration was adamant about the need for preemption of state laws that would contradict the national standard. It expected states to participate in multi-stakeholder processes and believed that states proposing more stringent requirements would diminish incentives for firms to adopt the codes of conduct.
