WASHINGTON (Reuters) – The Trump administration is working to develop consumer data privacy policies, and the Commerce Department is meeting with big companies like Facebook Inc, Comcast Corp and Alphabet Inc as it looks to eventually seeing the policies enshrined in legislation, two officials said .
Data privacy has become an increasingly important issue, fueled by massive breaches that have compromised personal information of millions of US internet and social media users, spurring Congressional hearings.
California, the most populous US state, and the European Union have both adopted data protection rules.
David Redl, a senior US Commerce Department official who oversees the National Telecommunications and Information Administration, said in a speech to the Internet Governance Forum USA in Washington that the administration recently “began holding stakeholder meetings to identify common ground and formulate core, high-level principles on data privacy.”
White House spokeswoman Lindsay Walters said the administration, through the White House National Economic Council, “aims to craft a consumer privacy protection policy that is the appropriate balance between privacy and prosperity. … We look forward to working with Congress on a legislative solution consistent with our overarching policy.”
Facebook, the world’s largest social media network, said earlier this year that the personal information of about 70 million US users was improperly shared with political consultancy Cambridge Analytica. US lawmakers have also demanded answers from Facebook about the data it shared with four Chinese companies. Yahoo said in 2017 that all 3 billion of its accounts were hacked in a 2013 data theft, while other large data breaches have been reported in recent years by Equifax Inc, Target Corp and Home Depot Inc.
Redl said a government survey showed that three-quarters of American households using the internet have “significant concerns” about privacy and security risks.
A person briefed on the matter confirmed that the more than 20 meetings held have included major internet companies like Facebook and Google parent company Alphabet Inc, along with internet providers like AT&T Inc and Comcast Corp and trade associations. The Washington Post reported details of the meetings .
Redl said the administration plans to publish “high-level principles” and seek public comment as it seeks to develop a nationwide data privacy plan.
Comcast, Facebook and Google declined comment. AT&T said it backs “federal legislation that establishes strong consumer privacy protections that apply to all companies operating on the internet.”
Jose Castaneda, spokesman for the Information Technology Industry Council, which represents major tech companies, praised the Commerce Department efforts. “The United States has an opportunity to create a new, best-in-class privacy paradigm for the digital economy as well as avoid the creation of a patchwork of laws that would impede innovation,” he said.
In May, European privacy regulations went into effect forcing companies to be more attentive to how they handle customer data.
The European Union General Data Protection Regulation (GDPR) replaces the bloc’s patchwork of rules dating back to 1995 and heralds an era where breaking privacy laws can result in fines of up to 4 percent of global revenue or 20 million euros ($23.5 million), whichever is higher, as opposed to a few hundred thousand euros.
In June, California Governor Jerry Brown signed data privacy legislation aimed at giving consumers more control over how companies collect and manage their personal information, but the rules are not as stringent as the GDPR.
Under the law, large companies, such as those with data on more than 50,000 people, would be required starting in 2020 to let consumers view the data they have collected on them, request deletion of data, and opt out of having the data sold to third parties.
Internet companies are bracing for the impact of tighter privacy rules. Facebook said Wednesday that profit margins would plummet for several years due to the costs of improving privacy safeguards and slowing usage in the biggest advertising markets.
In April 2017, Trump signed legislation repealing privacy rules approved during the Obama administration requiring internet service providers to do more to protect customers’ privacy than websites.