Counterpoint: States should steer data privacy law

The genius of the American system of government is that it contains the solutions that we need to address this problem—in the states and territories. Our states have developed powerful, complex tools to protect consumers whose rights are being violated. 

Why states and not the federal government?  There are three key reasons.

• First, the federal government has, despite decades of concerns, not even tried to lead on addressing privacy issues online (except for narrow issues such as protecting health information, or young children on certain sites and services.)  The federal government’s track record has been so bad that it fell to the European Union to pass the world’s first broadly based law protecting consumer privacy online. The federal government’s lack of interest on real privacy protections seems likely to continue. There are only a handful of stalwart privacy advocates on the Hill. The major tech companies are powerful lobbies in Washington—and they are already calling for a federal law specifically designed to preempt the basic protections in California’s new privacy law, the California Consumer Protection Act (CCPA). That is a bad-faith effort.
• Second, the states are the right place to protect consumer privacy, because they have always been the first line of defense against consumer scams and unfair business practices. That is their job. State tort law has traditionally been the first line of defense for protecting the privacy of our homes and persons. If your house was intruded upon, if your personal information was maliciously exposed, or if your image or identity was stolen, you could turn to your state and its tort law. States are uniquely powerful in protecting consumer privacy.
• Finally, states must take the lead on protecting our privacy online because they can match the speed and innovation of technology companies.  Look at the response to data breaches; while the federal government has failed to act (even in the face of massive Equifax breaches affecting over 140 million consumers), all 50 states passed laws cracking down on data breaches, providing relief to consumers.  It is the same with student privacy; as a whole generation of educational technology began to surveil students, it fell to the states to pass laws protecting student privacy.

A major reason that the states can innovate is because State Departments of Justice have incredible regulatory, prosecution, and law enforcement capabilities. These are typically strong pro-consumer agencies—taking the lead on everything from tobacco to opiods and social media—that are directly accountable to voters.

These DOJs and Attorneys General are increasingly focused on online consumer protection, as citizens have decried the federal government’s inaction and incompetence. University of Maryland Francis King Carey School of Law Professor Danielle Citron noted that “state attorneys general have been nimble privacy enforcement pioneers, a role that for practical and political reasons would be difficult for federal agencies to replicate. Because attorneys general do not have to wrestle with the politics of agency commissioners or deal with layers of bureaucracy, they can move quickly on privacy and data security initiatives. Career staff have developed specialties and expertise growing out of a familiarity with local conditions and constituent concerns. Because attorneys general are on the front lines, they are often the first to learn about and respond to privacy and security violations.”

Americans overwhelmingly demand progress now on privacy rights. We are all online, our kids are even more online, but we are not able to protect ourselves or them. We need a stronger web of protections—and that will only happen with a movement to update state laws and ensure that state DOJs have the resources to protect us and citizens have the tools to protect themselves.

James Steyer is the founder and CEO of Common Sense Media, the nation’s leading independent non-profit organization dedicated to creating a powerful voice for kids and families in the 21st century.