Congress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023
By 
Aaron Nicodemus2023-02-28T14:00:00
Could Congress pass comprehensive federal data privacy legislation in 2023? If not, could another government agency step into the breach?
Experts believe there are several possibilities.
At the federal level, the regulation most likely to be enacted in 2023 with an impact on data privacy won’t come from Congress or the Federal Trade Commission (FTC) but could instead be contained within a cybersecurity rule under consideration by the Securities and Exchange Commission (SEC), said Vivek Mohan, partner at Gibson Dunn and former senior global privacy law and policy attorney at Apple.
Related articles
-
PremiumAs final CPRA rules trickle out, a reminder companies must ‘grow with the law’
If companies haven’t started the process of coming into compliance with the California’s sweeping new privacy law, they need to begin now.
-
News BriefIowa privacy bill signed into law; effective 2025
Iowa became the sixth U.S. state to pass comprehensive data protection legislation allowing residents control over how their personal information is accessed and shared.
-
OpinionTen things I’d like to see happen in 2023 (2022 in review)
Expect big developments for the compliance profession in 2022 to continue to take center stage in the year ahead, including CCO certifications, climate-related disclosures, and more.
More from Regulatory Policy
-
ArticleOCC proposes dropping its ‘recovery plan’ requirements for big banks
Less than a year after a new rule required more of the U.S.’s biggest banks to draft “recovery” plans in case of failure, the rule is on its way out.
-
ArticleNavigate SEC cautiously during shutdown, experts advise
The U.S. government shutdown has brought most operations at the Securities and Exchange Commission (SEC) to a screeching halt, but that doesn’t mean compliance teams should be taking a breather, experts advised.
-
ArticleComplying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.