July 29, 2021

Volume XI, Number 210

Advertisement

July 28, 2021

Subscribe to Latest Legal News and Analysis

July 27, 2021

Subscribe to Latest Legal News and Analysis

July 26, 2021

Subscribe to Latest Legal News and Analysis

Senator Gillibrand Announces Renewed Data Protection Act 2021

On June 17, 2021, Senator Kirsten Gillibrand (D-NY) announced the reintroduction of the Data Protection Act of 2021 (the “bill”), which would create an independent federal agency, the Data Protection Agency, to “regulate high-risk data practices and the collection, processing, and sharing of personal data.” The bill was first introduced in 2020 and has since been revised to include updated provisions intended to protect against privacy harms, oversee the use of “high-risk data practices” and examine the social, ethical, and economic impacts of data collection.

The Senator’s press release indicates the Data Protection Agency would have three core missions:

  • Provide individuals control and protection over data via its authority to create and enforce data protection rules, including through handling complaints, conducting investigations and administering civil penalties, injunctive relief and other equitable remedies.

  • Ensure fair competition within the digital marketplace, such as by developing model privacy and data protection standards, guidelines and policies.

  • Prepare the U.S. government for the digital age, such as by advising Congress on emerging privacy and technology issues, representing the U.S. in international privacy forums and promoting the consistent regulatory treatment of personal data across federal and state regulators.

In particular, the new agency would be responsible for supervising data aggregators, maintaining a publicly accessible list of data aggregators meeting certain thresholds and reporting to the FTC on the privacy and data protection implications of any mergers that involve a large data aggregator or that propose the transfer of personal data of 50,000 or more individuals. Additionally, the bill would prohibit data aggregators from engaging in certain acts, such as the commission of unfair, deceptive, abusive or discriminatory acts in connection with the processing or sharing of personal data, and re-identifying (or attempting to re-identify) an individual, household or device from anonymized data.

Read the bill here.

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 174
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement