House Energy and Commerce Committee Chair Brett Guthrie, R-Ky., arrives for a markup session of the FY2025 budget resolution in the Rayburn building on Tuesday, May 13, 2025.
Tom Williams | CQ-Roll Call, Inc. | Getty Images
In a significant move poised to reshape the digital landscape, two pivotal data privacy bills are set to be introduced, aiming to establish a unified national standard for how technology and financial services firms manage user data. This legislative push, shared first with CNBC, seeks to preempt a complex and evolving patchwork of nearly two dozen state-level privacy laws.
The proposed legislation comprises two distinct yet complementary bills: the SECURE Data Act, specifically targeting technology companies, and the GUARD Financial Data Act, focused on businesses within the financial services sector. Their joint introduction signifies a concerted effort to create a singular, overarching federal framework for data privacy.
Key bipartisan backing for these bills comes from House Energy and Commerce Chair Brett Guthrie, R-Ky., and House Financial Services Chair French Hill, R-Ark. Their endorsement is expected to provide considerable momentum, paving the way for initial committee votes as early as next month.
In a statement to CNBC, Chairman Guthrie articulated the strategic imperative behind the SECURE Act. “This legislation is designed to bring an end to the confusing state-by-state patchwork of laws that ultimately fail consumers and small businesses alike,” Guthrie stated. He further noted that the proposed federal standard would draw upon successful elements found in existing state-level privacy regulations, such as those recently enacted in Kentucky.
Beyond preempting existing state statutes, the bills would empower individuals with enhanced control over their personal data. Consumers would gain the right to access, correct, or delete their information, and importantly, to opt out of targeted advertising and the sale of their data. These provisions represent a crucial step towards greater individual autonomy in the digital realm.
However, a notable departure from previous Democratic proposals is the absence of a private right of action within these bills. This means individuals would not be granted the ability to sue companies directly for data privacy violations, a provision that has been a significant point of contention in past legislative efforts. This omission suggests a potential compromise to garner broader support, prioritizing a federal standard over individual litigation rights.
The path to comprehensive federal data privacy legislation has been fraught with challenges. Over the past several years, Congress has repeatedly grappled with finding the delicate balance between robust consumer protections and the operational needs of the tech and finance industries. Disagreements have not only emerged between the two major parties but also within party caucuses, hindering the progress of previous attempts. A prime example occurred two years ago when a planned vote on a data privacy bill in the Energy and Commerce Committee was abruptly canceled at the last minute due to significant Republican opposition.
Chairman Guthrie appears determined to avoid a similar outcome this time. Last year, he proactively established a task force to foster consensus among Republican members and gather crucial input. The strategic approach is to first secure sufficient Republican votes to advance the measures through committee, and then pivot to garnering bipartisan support. The House Financial Services Committee is employing a parallel strategy, indicating a coordinated effort to navigate the legislative process.
The implications of these bills extend beyond mere regulatory compliance. For technology companies, this legislation presents an opportunity to move away from a fragmented compliance environment towards a more predictable and scalable national framework. This could streamline product development, reduce legal complexities, and potentially foster greater innovation by setting clear, albeit stringent, guidelines for data handling. Financial services firms, already operating under a heavily regulated environment, will need to integrate these new data privacy mandates into their existing compliance structures, potentially requiring significant investments in data governance and security infrastructure. The success of these bills could also signal a new era of federal oversight in data privacy, influencing future legislative debates and consumer expectations across the digital economy.
Original article, Author: Tobias. If you wish to reprint this article, please indicate the source:https://aicnbc.com/20879.html
