COVID-19 privacy legislation should protect consumers, allow needed research, and get Americans back to work

From the U.S. Chamber

The pandemic has proven how data is generating solutions that help people and the economy. Tech companies across the board have stepped up to fight the pandemic, leveraging data to develop insights, track the spread, and identify and aid vulnerable communities. And while the benefits are evident, the debate around privacy has intensified.

Congressional Democrats and Republicans have both introduced privacy legislation aimed at protecting consumers. Both bills would require all companies to obtain affirmative consent from individuals before collecting, processing, or transferring their personal health data in tracking the spread of the virus.

The Republican bill, the COVID-19 Consumer Data Protection Act, was introduced on May 7 by Senators Roger Wicker (MS), John Thune (SD), Deb Fisher (NE), Jerry Moran (KS), and Marsha Blackburn (TN).

The Democrats, led by Representatives Jan Schakowsky (IL) and Anna Eshoo (CA), and Senators Richard Blumenthal (CT) and Mark Warner (VA), introduced their own bill, the Public Health Emergency Privacy Act, this week. This legislation has additional provisions that would require that any data collected for public health be deleted by companies within 60 days of the end of the public health emergency and not be used for other applications. These limits would apply to employers and include a private right of action.

While both bills purport to protect consumers, they differ in key ways. To help illustrate the differences, C_TEC compared the COVID-19 privacy bills from Democrats and Republicans on their respective definitions, requirements, general exceptions, and enforcement and preemption.

The Chamber is working with its member companies to develop privacy principles for COVID-19. At the same time, we support a national privacy law that treats all Americans equally. To help get the country back to work safely and efficiently, any privacy bill should create a single standard, avoid class-action lawsuits, and exempt workplace data.

Data is a force for good in our society. A well-thought-out national standard for privacy and security is vital to promoting life-improving technology, which is why the Chamber is pushing for a national data privacy framework that strikes the right balance between protecting consumer data and advancing innovation.

—Tom Quaadman, Executive Vice President, Chamber Technology Engagement Center (C_TEC), U.S. Chamber of Commerce