Hey Congress, How’s That Privacy Bill Coming Along?

After months of stalled bipartisan negotiations over how the federal government should protect consumers’ private data, Senate Democrats decided to go it alone this month. On Tuesday, Senator Maria Cantwell (D-Washington) introduced the Consumer Online Privacy Rights Act, or COPRA, which would set up a sort of privacy bill of rights for Americans while providing some stronger mechanisms of enforcement.

The bill follows last week’s unveiling by Democratic leaders, including Cantwell, of a new set of “privacy principles” they say should form the foundation for any privacy or data-security legislation that comes out of Congress. These principles focus on establishing guardrails and accountability for businesses, while also protecting consumers and competition. And some key Republicans don’t consider that a helpful move.

The Democrats’ framework envisions a data-privacy bill that would finally put constraints on Silicon Valley firms, like limiting the amount of data companies can collect from users or requiring tech companies to audit their algorithms for discrimination, and also give average consumers the power to sue firms that play fast and loose with their data. Cantwell’s bill is the first attempt at turning those philosophies into law, but it likely won’t be the last. Other Democrats are growing impatient with what many see as tech firms running wild.

“I know from having fought for stronger privacy protection over decades, federal action is woefully overdue and urgently necessary now,” Senator Richard Blumenthal (D-Connecticut) said in a statement announcing the principles. “I will continue to work for bipartisan federal action because Americans absolutely want stronger privacy protection.”

The privacy framework was spearheaded by the top Democrats on the four powerful committees with jurisdiction over the issue. Besides Cantwell, who is the ranking member of the Commerce Committee, the group includes the Judiciary Committee’s Dianne Feinstein (D-California), the Banking Committee’s Sherrod Brown (D-Ohio), and the top Democrat on the Health, Education, Labor and Pensions Committee, Patty Murray (D-Washington).

Pressure has grown on lawmakers to do something about consumer privacy after years of revelations about the collection and use of personal data by the country’s biggest companies, from Facebook’s Cambridge Analytica scandal to more recent reports about who listens in on voice assistant recordings for Google, Amazon, and Apple. There’s also plenty of concern about location tracking, facial recognition, wearables—the list goes on. So far, Europe has moved far more aggressively to regulate tech on these issues, although how effective laws like the GDPR have been is still debated. In the absence of action from Congress, some states have moved to fill in the legislative gaps, most notably in California, where the state’s historic privacy act is set to take effect on January 1 and has been fiercely opposed by industry groups.

Republicans have been calling for a uniform federal law that would supersede state’s privacy laws, an idea Democrats oppose. And most in the GOP aren’t on board with Democrats’ desire to let consumers use the courts as a blunt object against tech firms, causing many to reject the Democrats’ outline out of hand. Republican senators say they wish their Democratic counterparts were more focused on working behind the scenes on the bipartisan talks that now seem to have stalled.

“Some of the things that they’re talking about will be difficult to reconcile with where Republicans are headed,” Senate majority whip John Thune (R-South Dakota) told reporters at the Capitol. “I’m not sure what the point is to issue a statement of principles when there’s been a ton of work put into a piece of legislation.”

Next Wednesday, the Commerce Committee will hold a much anticipated hearing on privacy. While the hearing is seen as a positive step by many, some Democrats say the GOP shouldn’t get a pat on the back just for doing their most basic duty. That sentiment helps explain, in part, why they dropped their own blueprint.

“If there’s going to be a hearing but no bipartisan agreement, then it’s important for both parties to clarify their positions to see exactly how close or far we are from each other,” Senator Brian Schatz (D-Hawaii) told WIRED. “Sometimes this is a precursor to a deal, and sometimes it’s a precursor to it all falling apart, and I guess we’ll have to find out which one this is.”

Privacy isn’t the only topic of discussion on the Hill when it comes to the tech sector. Over on the Senate Judiciary Committee, bipartisan talks are advancing on a proposal to revamp Section 230 of the Communications Decency Act, which broadly shields tech firms from being liable for the content people post on their platforms. Blumenthal is working with Judiciary chair Lindsey Graham (R-South Carolina) on a bill aimed at protecting children that they hope to introduce next year. While the effort faces an uphill climb, children are a top priority for members across the ideological divide, even in today’s hyper-partisan climate.

Graham says his aim is to force tech companies to demonstrate that they’re using “best business practices when it comes to protecting children from sexual predators and exploitation … to get your 230 protections.” Trust is waning on Capitol Hill when it comes to Silicon Valley. “We’re just not going to give it to you anymore. You have to earn it,” Graham told reporters at the Capitol.

If Graham and Blumenthal’s legislation were to advance, it could become the vehicle for other privacy provisions, which many lawmakers are eager to see happen sooner than later.

“I hope that we’ll get to the business here of actually passing some stuff,” Senator Josh Hawley (R-Missouri) told WIRED. “I mean, that’s pretty actually noncontroversial. I know they’re controversial with big tech, but they’re really not controversial in this building.”

Hawley says he’s still studying Democrats’ new privacy framework, and unlike other Republicans, he welcomes their latest effort to highlight the necessity of enacting a federal privacy standard.

“I think them laying out principles is, you know, good and helpful. And I think it shows that they’re taking it seriously as a caucus,” Hawley said. “I’m glad that they are engaged on it. And I hope that it will move the ball forward and show that there really is bipartisan interest here. I mean, there’s a lot of room for us to agree.”

Unlike most issues in Washington these days, the privacy policy debate doesn’t fall into routine hyper-partisan divisions. While taking swipes at Silicon Valley scores easy political points these days, putting a finger in the eye of Big Tech is one thing. Actually getting something done is different. Which is also why the issue has stalled for so long, unaddressed by Democrats and Republican leaders alike.

More Great WIRED Stories

Read More