Senator Gillibrand Announces Renewed Data Protection Act 2021
Wednesday, June 23, 2021
Renewed Data Protection Act 2021
Print Mail Download i

On June 17, 2021, Senator Kirsten Gillibrand (D-NY) announced the reintroduction of the Data Protection Act of 2021 (the “bill”), which would create an independent federal agency, the Data Protection Agency, to “regulate high-risk data practices and the collection, processing, and sharing of personal data.” The bill was first introduced in 2020 and has since been revised to include updated provisions intended to protect against privacy harms, oversee the use of “high-risk data practices” and examine the social, ethical, and economic impacts of data collection.

The Senator’s press release indicates the Data Protection Agency would have three core missions:

  • Provide individuals control and protection over data via its authority to create and enforce data protection rules, including through handling complaints, conducting investigations and administering civil penalties, injunctive relief and other equitable remedies.

  • Ensure fair competition within the digital marketplace, such as by developing model privacy and data protection standards, guidelines and policies.

  • Prepare the U.S. government for the digital age, such as by advising Congress on emerging privacy and technology issues, representing the U.S. in international privacy forums and promoting the consistent regulatory treatment of personal data across federal and state regulators.

In particular, the new agency would be responsible for supervising data aggregators, maintaining a publicly accessible list of data aggregators meeting certain thresholds and reporting to the FTC on the privacy and data protection implications of any mergers that involve a large data aggregator or that propose the transfer of personal data of 50,000 or more individuals. Additionally, the bill would prohibit data aggregators from engaging in certain acts, such as the commission of unfair, deceptive, abusive or discriminatory acts in connection with the processing or sharing of personal data, and re-identifying (or attempting to re-identify) an individual, household or device from anonymized data.

Read the bill here.

Copyright © 2024, Hunton Andrews Kurth LLP. All Rights Reserved.

Current Legal Analysis

More from Hunton Andrews Kurth

A Ban on Noncompete Agreements? FTC Uses Section 5 Against Employers and Proposes Rule to Ban Noncompete Clauses Entirely
by: Kevin Hahm , Leslie W. Kostyshak
The Federal Trade Commission Issues a Final Rule Banning Most Worker Non-Compete Agreements
by: Ryan A. Glasgow , Jason P. Brown
In Groundbreaking Final Rule, EPA Designates Two PFAS as Hazardous Substances Under CERCLA
by: Paul T. Nyffeler, PhD , Matthew Z. Leopold
CIPL Publishes White Paper on Leveraging Data Responsibly and a Holistic Data Strategy
by: Hunton Andrews Kurth’s Privacy and Cybersecurity
New Bipartisan Federal Privacy Proposal Unveiled: American Privacy Rights Act
by: Hunton Andrews Kurth’s Privacy and Cybersecurity
Recent N.D. Ill. Ruling Upholds Common Interest Doctrine Over Communications Between Biometric Technology Vendors and Customers
by: Julia Y. Trankiem , Torsten M. Kracht
Senators Introduce Stablecoin Bill
by: Scott H. Kimpel
FTC Poised to Finalize Noncompete Rule
by: Katherine Pauly , Kevin Hahm
EDPB Issues Opinion on Pay-Or-Consent Models
by: Hunton Andrews Kurth’s Privacy and Cybersecurity
Supreme Court Rules that MD&A Omission Does Not Give Rise to a Claim for Securities Fraud
by: Scott H. Kimpel , James V. Davidson

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins